Topic: credential stuffing

Sort by: Relevance | Date
  • DraftKings Users Hit by Widespread Account Hacks
    October 20, 2025
    95%

    DraftKings Users Hit by Widespread Account Hacks

    DraftKings experienced unauthorized account access through a credential stuffing attack, where attackers used stolen login details from external sources to compromise user accounts. The breach exposed personal details like names and contact information, but sensitive data such as full payment car...

    Read More »
  • PcComponentes Denies Data Breach Claims as Fake
    January 23, 2026
    90%

    PcComponentes Denies Data Breach Claims as Fake

    PcComponentes denied a massive data breach, clarifying it was targeted by a credential stuffing attack using credentials from older, unrelated breaches, and stated its active user base is smaller than the claimed 16 million affected accounts. The company confirmed no unauthorized intrusion into i...

    Read More »
  • 48 Million Gmail Credentials Leaked Online
    January 25, 2026
    80%

    48 Million Gmail Credentials Leaked Online

    A database containing nearly 149 million login credentials, including an estimated 48 million Gmail accounts, was exposed online, compiled from past breaches and infostealer malware. The primary risk is credential stuffing attacks, where stolen usernames and passwords are used to access other acc...

    Read More »
  • VPN Credentials Fuel 50% of Ransomware Attacks
    November 20, 2025
    80%

    VPN Credentials Fuel 50% of Ransomware Attacks

    Ransomware activity surged in Q3 2025, with compromised VPN credentials being the primary entry point for nearly half of all breaches, driven mainly by three groups: Akira, Qilin, and INC Ransomware. The Akira group specifically targeted SonicWall appliances using credential stuffing attacks, exp...

    Read More »
  • Google Denies Widespread Gmail Data Breach Rumors
    October 29, 2025
    75%

    Google Denies Widespread Gmail Data Breach Rumors

    Google has officially denied a new Gmail data breach, clarifying that recent reports stem from misinterpreted collections of old stolen credentials and not a new security incident. The confusion arose when a large set of 183 million compromised credentials from various sources was added to a cybe...

    Read More »
  • API Incidents Surge: 40,000+ Reported in First Half of 2025
    September 27, 2025
    75%

    API Incidents Surge: 40,000+ Reported in First Half of 2025

    The first half of 2025 saw over 40,000 API incidents, with APIs becoming a prime target for sophisticated automated attacks despite representing a small part of the attack surface. A record-breaking 15 million requests-per-second DDoS attack targeted a financial services API, using botnets that m...

    Read More »
  • Rising Cyber-Attacks Target PHP Servers and IoT Devices
    October 31, 2025
    70%

    Rising Cyber-Attacks Target PHP Servers and IoT Devices

    A surge in cyber-attacks is targeting PHP servers, IoT devices, and cloud gateways, driven by botnets like Mirai exploiting known vulnerabilities and misconfigurations to expand their reach. Specific vulnerabilities under active exploitation include CVE-2022-47945 in ThinkPHP, CVE-2021-3129 in La...

    Read More »

Related Topics

data breach (4) remote code execution (2) gmail security (2) password security (2) two-factor authentication (2) vulnerability management (2) security investigation (2) threat intelligence (2)