data theft

Self-spreading npm malware targets developers in new supply chain attack

2026-02-24 at 15:10, by Zeljka Zorz

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect projects, and propagate themselves across developer environments. The operation, dubbed “SANDWORM_MODE,” represents a (still) rare example of worm-like […]

ShinyHunters flip the script on MFA in new data theft attacks

2026-02-02 at 18:50, by Zeljka Zorz

Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in

France Travail fined €5 million for failing to protect job seeker data

2026-01-29 at 17:29, by Sinisa Markovic

France’s data protection authority CNIL has fined public employment agency France Travail €5 million for failing to ensure the security of personal data of job seekers. Attackers gained access to the organization’s systems through social engineering techniques

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

2026-01-07 at 17:35, by Ionut Arghire

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity. The post Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Arizona Attorney General Sues Chinese Online Retailer Temu Over Data Theft Claims

2025-12-03 at 14:24, by Associated Press

Arizona is the latest state to sue Temu and its parent company PDD Holdings over allegations that the Chinese online retailer is stealing customers’ data. The post Arizona Attorney General Sues Chinese Online Retailer Temu Over Data

Gainsight breach: Salesforce details attack window, issues investigation guidance

2025-11-26 at 16:30, by Zeljka Zorz

The number of Salesforce customers affected by the recent compromise of Gainsight-published applications is yet to be publicly confirmed, but Salesforce released indicators of compromise (IoCs) and simultaneously shed some light on when the attack likely started. The provided list

New “HashJack” attack can hijack AI browsers and assistants

2025-11-26 at 14:18, by Zeljka Zorz

Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or disinformation (e.g., incorrect medicine dosage guidance or investment advice), send sensitive data to the

Salesforce investigates new incident echoing Salesloft Drift compromise

2025-11-20 at 23:14, by Zeljka Zorz

In what may be a repeat of the Salesloft Drift supply chain compromise, Salesforce confirmed that they’ve identified unusual activity involving Gainsight-published apps connected to Salesforce. “Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data

MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices

2025-11-20 at 15:03, by Zeljka Zorz

A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. Multi-stage delivery: Dubbed DigitStealer by Jamf researchers, this threat is unusually sophisticated. Before

Google uncovers malware using LLMs to operate and evade detection

2025-11-05 at 20:53, by Zeljka Zorz

PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that

Claude AI APIs Can Be Abused for Data Exfiltration

2025-11-03 at 15:57, by Ionut Arghire

An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek. This article is an

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

2025-10-30 at 15:46, by Zeljka Zorz

Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update: Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,

Ransomware, extortion groups adapt as payment rates reach historic lows

2025-10-27 at 15:12, by Zeljka Zorz

Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info

2025-10-15 at 18:39, by Zeljka Zorz

US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often

F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data

2025-10-15 at 18:18, by Eduard Kovacs

F5 has not shared too much information on the threat actor, but the attack profile seems to point to China. The post F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data appeared first on

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)

2025-10-07 at 15:36, by Zeljka Zorz

Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle EBS instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown,

Hackers launch data leak site to extort 39 victims, or Salesforce

2025-10-06 at 17:44, by Zeljka Zorz

Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak

Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)

2025-10-06 at 15:28, by Zeljka Zorz

The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), “to steal large amounts of data from several victim[s] in August 2025,” Charles Carmakal, CTO at Mandiant – Google Cloud, stated

Hackers claim to have plundered Red Hat’s GitHub repos

2025-10-02 at 20:00, by Zeljka Zorz

The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitHub and have exfiltrated data from over 28,000 internal repositories connected to the company’s consulting

Salesforce AI Hack Enabled CRM Data Theft

2025-09-25 at 21:26, by Eduard Kovacs

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak. The post Salesforce AI Hack Enabled CRM Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.
