credentials
Google disputes false claims of massive Gmail data breach
Google was once again forced to announce that it had not suffered a data breach after numerous news outlets published sensational stories about a fake breach that purportedly exposed 183 million accounts. This claim began over the weekend and into today, with news stories claiming that millions of Gmail accounts were breached, with some outlets saying it […]
PyPI urges users to reset credentials after new phishing attacks
The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default source for Python’s package management tools, hosting hundreds of thousands of packages and providing developers with a centralized platform to distribute third-party software […]
Plex tells users to reset passwords after new data breach
Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases. In a data breach notification seen by GeekFeed, Plex says the stolen data includes email addresses, usernames, securely hashed passwords, and authentication data. “An […]
Microsoft 365 ‘Direct Send’ abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called “Direct Send” to evade detection by email security and steal credentials. Direct Send is a Microsoft 365 feature that allows on‑premises devices, applications, or cloud services to send emails through a tenant’s smart host as if they originated from the organization’s domain. It’s […]
Cisco warns of ISE and CCP flaws with public exploit code
Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions. The most severe of the three is a critical static credential vulnerability tracked as CVE-2025-20286, found by GMO Cybersecurity’s Kentaro Kawane in Cisco ISE. This identity-based policy enforcement software provides endpoint access […]
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IAM) credentials from the IMDSv1 endpoint. Retrieving IAM credentials allows attackers to escalate their privileges and access S3 buckets or control other AWS services, potentially leading to sensitive data exposure, […]
Phishing kits now vet victims in real-time before stealing credentials
Phishing actors are employing a new evasion tactic called ‘Precision-Validated Phishing’ that only shows fake login forms when a user enters an email address that the threat actors specifically targeted. Unlike traditional mass-targeting phishing, this new method uses real-time email validation to ensure phishing content is shown only to pre-verified, high-value targets. Although not overly […]
Microsoft: New RAT malware used for crypto theft, reconnaissance
Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, maintain persistence, and extract sensitive data. While the malware (dubbed StilachiRAT) hasn’t yet reached widespread distribution, Microsoft says it decided to publicly share indicators of compromise and mitigation guidance to help network defenders detect this threat and reduce its […]
Cisco warns of Webex for BroadWorks flaw exposing credentials
Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. Webex for BroadWorks integrates Cisco Webex’s video conferencing and collaboration features with the BroadWorks unified communications platform. While the company has yet to assign a CVE ID to track this security issue, Cisco says in a Tuesday security […]
Have I Been Pwned adds 284M accounts stolen by infostealer malware
The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. HIBP founder Troy Hunt says he found 284,132,969 compromised accounts while analyzing 1.5TB of stealer logs likely collected from numerous sources and shared on a Telegram channel known as “ALIEN TXTBASE.” “They […]