#credential-theft
9 articles

Bitwarden CLI Hit by Supply Chain Attack via Malicious npm
Attackers compromised the official Bitwarden CLI npm package with credential-stealing malware that could self-propagate across development environments.

NPM Supply Chain Attack Steals Developer Credentials
A sophisticated supply chain attack targeting Node Package Manager is compromising developer accounts and spreading malicious packages across the ecosystem.

AgingFly Malware Targets Government and Healthcare Sectors
New AgingFly malware family steals authentication data from Chromium browsers and WhatsApp, targeting local governments and hospitals worldwide.

VENOM PhaaS Platform Targets C-Suite Credentials
Threat actors deploy VENOM phishing-as-a-service platform to steal executive credentials across multiple industries through sophisticated social engineering campaigns.

UAT-10608 Hackers Target Next.js Apps with React2Shell Tool
Threat group UAT-10608 exploits vulnerable Next.js applications using React2Shell automation to steal credentials and system secrets.

DeepLoad Malware Uses ClickFix Tactics for Credential Theft
Cybercriminals deploy DeepLoad malware loader through ClickFix social engineering campaigns, targeting user credentials with AI-assisted evasion techniques.

Infinity Stealer Targets macOS with Python-Based Payload
New Infinity Stealer malware uses Python and Nuitka compiler to steal credentials from macOS systems through sophisticated social engineering campaigns.

Torg Grabber Infostealer Targets 728 Crypto Wallets via ClickFix PowerShell Attack
A newly identified infostealer named Torg Grabber is actively targeting 728 cryptocurrency wallet extensions across 25 browsers, using ClickFix-based PowerShell lures for initial access. Researchers at Gen Digital discovered 334 unique samples developed in just three months, with new command-and-control infrastructure deployed weekly.

Storm-2561 Deploys Fake VPN Apps to Steal Credentials
Threat group Storm-2561 distributes malicious VPN clients through search engine manipulation to harvest user login credentials.

