credential theft Archives - The CISO Brief

Browsing: credential theft

Google uncovers hacker group’s AI-powered mass exploitation plan

By Staff WriterMay 12, 2026

Quick Takeaways Attackers, likely nation-states, used AI to discover zero-day vulnerabilities and automate bypassing two-factor…

AD CS Escalation Tactics Reveal Advanced Attack Techniques

By Staff WriterMay 11, 2026

Quick Takeaways Attackers exploit misconfigured AD CS certificate templates—such as overly permissive rights and subject…

TeamPCP exploits Jenkins plugin post-KICS supply chain attack

By Staff WriterMay 11, 2026

Fast Facts A maliciously altered version of the Jenkins AST plugin was published, exploiting supply…

TCLBANKER Trojan Uses WhatsApp, Outlook to Target Financial Platforms

By Staff WriterMay 8, 2026

Top Highlights TCLBANKER, a sophisticated Brazilian banking trojan, uses environment checks, anti-analysis techniques, and signed…

Stolen passwords highlight phishing and credential theft risks

By Staff WriterMay 7, 2026

Top Highlights Attackers increasingly use stolen credentials and access tokens to infiltrate systems, making breaches…

PCPJack exploits CVEs to rapidly propagate cloud worms

By Staff WriterMay 7, 2026

Essential Insights The PCPJack framework targets exposed cloud services (e.g., Docker, Kubernetes, Redis, MongoDB) to…

Windows Phone exploited via CloudZ RAT for credential theft

By Staff WriterMay 6, 2026

Quick Takeaways Threat actors used CloudZ RAT and a new Pheno plugin to hijack Microsoft…

Potential data breach from cleartext passwords in Edge 2026

By Staff WriterMay 5, 2026

Fast Facts Microsoft Edge stores all user passwords in clear text within process memory, accessible…

CloudZ RAT intercepts OTPs via Pheno plugin attack

By Staff WriterMay 5, 2026

Top Highlights Attackers implant CloudZ RAT and a custom plugin "Pheno" to steal credentials, OTPs,…

Ruby Gems and Go Modules Poison CI Pipelines for Credentials

By Staff WriterMay 1, 2026

Summary Points Malicious Ruby gems and Go modules disguised as legitimate libraries are used to…

What's Hot

ClickFix: A Decade of Power-Packed Open-Source Python SOCKS5 Proxy

GemStuffer exploits RubyGems to exfiltrate UK council data

Ransomware groups narrow focus, target Thailand intensively

Browsing: credential theft

Google uncovers hacker group’s AI-powered mass exploitation plan

AD CS Escalation Tactics Reveal Advanced Attack Techniques

TeamPCP exploits Jenkins plugin post-KICS supply chain attack

TCLBANKER Trojan Uses WhatsApp, Outlook to Target Financial Platforms

Stolen passwords highlight phishing and credential theft risks

PCPJack exploits CVEs to rapidly propagate cloud worms

Windows Phone exploited via CloudZ RAT for credential theft

Potential data breach from cleartext passwords in Edge 2026

CloudZ RAT intercepts OTPs via Pheno plugin attack

Ruby Gems and Go Modules Poison CI Pipelines for Credentials

ClickFix: A Decade of Power-Packed Open-Source Python SOCKS5 Proxy

Secure Your Data: Top 10 DLP Solutions for 2026

May Patch Tuesday: Critical Windows and SAP Security Flaws Uncovered

No Blind Spots: How Top MSSPs Prevent Incidents with Live Threat Visibility

Our Picks

ClickFix: A Decade of Power-Packed Open-Source Python SOCKS5 Proxy

GemStuffer exploits RubyGems to exfiltrate UK council data

Ransomware groups narrow focus, target Thailand intensively

Most Popular

Protecting MCP Security: Defeating Prompt Injection & Tool Poisoning

Unlock the Power of Free WormGPT: Harnessing DeepSeek, Gemini, and Kimi-K2 AI Models

The New Face of DDoS is Impacted by AI

Archives

Categories

Subscribe to Updates

What's Hot

Browsing: credential theft