Topic: account compromise

Sort by: Relevance | Date
  • Patch Now: CISA Warns of Active FileZen Exploit (CVE-2026-25108)
    February 26, 2026

    Patch Now: CISA Warns of Active FileZen Exploit (CVE-2026-25108)

    A critical vulnerability (CVE-2026-25108) in Soliton Systems' FileZen appliance is under active exploitation, allowing attackers to run arbitrary commands, prompting urgent patching and a CISA mandate for federal agencies. The flaw impacts specific versions of the secure file transfer server and ...

    Read More »
  • Ransomware Attacks Surge to Record High in 2025
    February 20, 2026

    Ransomware Attacks Surge to Record High in 2025

    Ransomware attacks reached a record high in 2025, with a 30% surge in publicly named victims and a peak of 124 active criminal groups. Artificial intelligence is fueling the threat by lowering technical barriers, enabling more effective phishing and malware development for both new and establishe...

    Read More »
  • Coinbase Breach: Insider Leaked Support Tool Screenshots
    February 5, 2026

    Coinbase Breach: Insider Leaked Support Tool Screenshots

    A Coinbase contractor improperly accessed the personal data of approximately 30 customers last year, a separate incident from a prior breach, prompting user notifications and regulatory reporting. The breach highlights a broader trend where cybercriminals target Business Process Outsourcing (BPO)...

    Read More »
  • 48 Million Gmail Credentials Leaked Online
    January 25, 2026

    48 Million Gmail Credentials Leaked Online

    A database containing nearly 149 million login credentials, including an estimated 48 million Gmail accounts, was exposed online, compiled from past breaches and infostealer malware. The primary risk is credential stuffing attacks, where stolen usernames and passwords are used to access other acc...

    Read More »
  • Energy Firms Hit by Sophisticated AiTM Phishing Attacks
    January 25, 2026

    Energy Firms Hit by Sophisticated AiTM Phishing Attacks

    A sophisticated phishing campaign is targeting the energy sector using Adversary-in-the-Middle (AiTM) attacks, which bypass standard email filters and multi-factor authentication (MFA) by stealing login credentials and session cookies. Once an account is compromised, attackers establish persisten...

    Read More »
  • French Football Federation Hit by Cyberattack, Data Breached
    November 29, 2025

    French Football Federation Hit by Cyberattack, Data Breached

    The French Football Federation experienced a cybersecurity breach where attackers accessed its administrative software by compromising a user account, leading to a system-wide password reset. Personal data including names, addresses, and contact details of club members was stolen, but no financia...

    Read More »
  • 500 npm Packages Infected by Shai-Hulud Malware Leaking Secrets
    November 26, 2025

    500 npm Packages Infected by Shai-Hulud Malware Leaking Secrets

    Over 500 npm packages, including popular tools like Zapier and Postman, have been compromised by the Shai-Hulud malware, which steals developer secrets and uploads them to rapidly multiplying GitHub repositories. The attack uses trojanized versions of legitimate packages to inject malicious scrip...

    Read More »
  • International Students Scammed With Fake Visa Threats
    October 30, 2025

    International Students Scammed With Fake Visa Threats

    International students in the U.S. are increasingly targeted by scammers posing as officials, who exploit fears over visa status to deceive them through emails, texts, and calls. These scams primarily aim for financial gain by using threats or fake rewards, leading to compromised accounts, financ...

    Read More »
  • Beyond Email: The New Frontier of Phishing Attacks
    September 25, 2025

    Beyond Email: The New Frontier of Phishing Attacks

    Phishing attacks are increasingly moving beyond email to exploit social media, messaging apps, and malicious ads, challenging traditional email-focused security defenses. These multi-channel attacks use sophisticated obfuscation techniques to evade detection and often target core identity platfor...

    Read More »
  • GitHub Tightens npm Security After Shai-Hulud Attack
    September 24, 2025

    GitHub Tightens npm Security After Shai-Hulud Attack

    The npm registry faces increasing threats from attacks like phishing campaigns and the self-propagating "Shai-Hulud" worm, leading GitHub to implement new security measures to protect the software supply chain. GitHub is strengthening authentication by requiring two-factor authentication (2FA) fo...

    Read More »
  • Massive Supply-Chain Attack Hits 2B+ Weekly Downloads
    September 9, 2025

    Massive Supply-Chain Attack Hits 2B+ Weekly Downloads

    A software supply-chain attack compromised nearly two dozen npm packages with two billion weekly downloads, making it one of the most extensive digital infiltrations ever recorded. The breach began when a key maintainer fell for a phishing email, allowing attackers to embed malicious code that hi...

    Read More »
  • Google Denies Gmail Scam Risk – But You Still Need to Do This
    September 2, 2025

    Google Denies Gmail Scam Risk – But You Still Need to Do This

    Google denies recent claims of increased scam risks for Gmail users on desktops and laptops, asserting that its security systems are strong and block over 99.9% of threats. Users are advised to enhance account security by regularly updating passwords and enabling two-factor authentication, while ...

    Read More »

Related Topics

two-factor authentication (4) data breach (3) supply chain attack (2) incident response (2) social engineering (2) gmail security (2) security recommendations (2) password reset (2)