Vulnerability exploitation was the most common access vector for data breaches in 2025, the latest installment of Verizon’s annual Data…
Browsing: credential
Ravie LakshmananMay 19, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have flagged a compromised version of the Nx Console…
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read…
Ravie LakshmananMay 07, 2026Threat Intelligence / Cloud Security Cybersecurity researchers have disclosed details of a new credential theft framework dubbed…
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting…
Ravie LakshmananMay 01, 2026Supply Chain Attack / Malware A new software supply chain attack campaign has been observed using sleeper…
Author: Eirik Salmi, System Analyst at Passwork When a threat actor walks into your network using a legitimate username and…
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js…
A threat actor has been exploiting vulnerable Next.js applications to compromise systems and exfiltrate credentials at scale, Cisco’s Talos security…
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the…