compromised accounts
Coverage of compromised accounts in the Nexus archive.
- Webinar: How attackers bypass MFA and how defenders can respond
Modern phishing attacks, including Device Code phishing, can bypass MFA protections to access corporate accounts without stealing passwords. The webinar discusses how behavioral AI can help detect compromised accounts and automate response workflows.
- Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel discovered additional compromised customer accounts linked to a security breach associated with Context.ai. The company expanded its investigation using new compromise indicators and reviewed network activity to identify the issue.
- New npm supply-chain attack self-spreads to steal auth tokens
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and self-spreading by publishing malicious packages from compromised accounts. The attack exploits the npm package distribution system to propagate and exfiltrate authentication tokens.