A sophisticated malware campaign hid in plain sight on the Open VSX registry, using a fake Angular Language Service extension to siphon developer secrets and crypto wallets via blockchain-based command and control.
#VS Code extension | #Credential theft | #Supply chain attack
TAMECAT, a PowerShell-based backdoor linked to Iranian APT42, targets high-profile officials by stealing Edge and Chrome browser credentials. This feature unpacks its infection chain, stealth tactics, and the urgent need for browser security.
A massive 2025 breach reveals unchanged password habits: '123456' and 'password' top the list, leaving individuals and businesses exposed despite years of security warnings.
A global cyberattack leveraged Google Ads and deceptive PDF editor downloads to spread the TamperedChef infostealer, exposing organizations in 19 countries to credential theft and advanced digital deception.
A stealthy malware campaign targeting a major U.S. bank's employee ecommerce platform compromised over 200,000 workers' credentials, exposing a critical blind spot in corporate cyber defense.
BlueDelta, Russia’s notorious cyber espionage group, has sharpened its credential-stealing operations targeting energy and defense research. Investigators reveal how tailored phishing lures, disposable hosting, and technical agility make these campaigns a growing threat into 2026.
VVS Stealer is a Python-based malware campaign targeting Discord users and browsers. Using commercial-grade obfuscation, code injection, and fake error screens, it stealthily steals credentials while evading most traditional defenses.
Russian hackers from BlueDelta (Fancy Bear) are using authentic-looking PDFs and free online tools to steal logins from professionals in just two seconds. Learn how these attacks work and how to protect yourself.
#Russian Hackers | #Credential Theft | #Cybersecurity Threats
A wave of ownCloud breaches in 2026 reveals that infostealer malware and missing MFA, not software flaws, left organizations exposed—underscoring the critical need for defense-in-depth in self-hosted file sharing.
Hackers are bypassing security tools by crafting QR codes from HTML tables instead of images, tricking users into scanning and entering credentials on malicious sites. This investigative feature exposes how imageless QR code phishing works and how organizations can respond.