Credentials – NuclearCoffee

Hacker news

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

On May 20, 2025 3:44 pm, by NuclearCoffee

An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to… Continue reading

Hacker news

The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That

On May 12, 2025 5:45 pm, by NuclearCoffee

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian’s State of… Continue reading

Hacker news

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

On May 09, 2025 4:30 pm, by NuclearCoffee

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. “Disguised… Continue reading

Hacker news

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches

On May 06, 2025 1:22 pm, by NuclearCoffee

It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly,… Continue reading

Hacker news

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

On May 05, 2025 6:57 am, by NuclearCoffee

The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their… Continue reading

Hacker news

Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

On Apr 22, 2025 2:06 pm, by NuclearCoffee

In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google’s infrastructure… Continue reading

Hacker news

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

On Apr 18, 2025 6:15 am, by NuclearCoffee

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of… Continue reading

Hacker news

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

On Apr 15, 2025 7:18 pm, by NuclearCoffee

Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange to… Continue reading

Hacker news

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

On Mar 29, 2025 8:13 am, by NuclearCoffee

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that’s primarily designed to target users in Spain and Turkey. “Crocodilus enters the scene not as a… Continue reading

Hacker news

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

On Mar 18, 2025 9:37 am, by NuclearCoffee

Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with… Continue reading

Tag: Credentials

Stay Connected