tag
Credential Theft
26 posts
- Active Supply Chain Attack Compromises @antv Packages on npm
- Mini Shai-Hulud: The Worm Returns and Goes Public
- Kazuar: Anatomy of a nation-state botnet
- PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
- LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
- Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
- 5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer
- New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know
- Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
- Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI
- Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
- lightning PyPI Package Compromised in Supply Chain Attack
- TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages
- Malicious npm Package Brand-Squats TanStack to Exfiltrate Environment Variables
- 'Mini Shai-Hulud' supply chain attack targets SAP npm packages
- Tools Change. Habits Don’t. We Saw It Up Close.
- Supply chain attacks hit Checkmarx and Bitwarden developer tools
- Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
- The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables
- BlobPhish: The Phantom Phishing Campaign Hiding in Browser Memory
- Your Supply Chain Breach Is Someone Else's Payday
- Why Executive Accounts Are the Hardest Identity Problem to Solve
- The Telnyx PyPI Compromise and the 2026 TeamPCP Supply Chain Attacks
- Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
- 2025 Identity Threat Landscape Report
- Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft