credential theft
Coverage of credential theft in the Nexus archive.
- AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
AI-powered phishing attacks are generating high-volume alerts, overwhelming Security Operations Centers (SOCs) and Tier 1 analysts. Attackers use AI to create convincing emails and fake login pages, increasing the workload for security teams to review alerts and detect threats like credential theft or malware.
- What 2026 DBIR Confirms: Attacks Are Living in the Browser
The 2026 Verizon DBIR report highlights that phishing, shadow AI, malicious browser extensions, and credential theft are increasingly occurring within web browsers, underscoring significant security vulnerabilities at the browser layer.
- Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign uses sleeper packages to push malicious payloads, enabling credential theft, GitHub Actions tampering, and SSH persistence. The attack is attributed to the GitHub account 'BufferZoneCorp,' which published malicious Ruby gems and Go modules.
- PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
Threat actors compromised the PyTorch Lightning Python package, publishing malicious versions 2.6.2 and 2.6.3 on April 30, 2026, to steal credentials. Security firms Aikido Security, Socket, and StepSecurity reported the attack, which is part of an ongoing supply chain campaign.
- Official SAP npm packages compromised to steal credentials
Multiple official SAP npm packages were compromised in a TeamPCP supply-chain attack, aiming to steal developer credentials and authentication tokens. The breach highlights vulnerabilities in software supply chains and developer security practices.
- Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is being actively exploited for credential theft. The flaw allows attackers to execute arbitrary code without prior authentication, posing significant security risks.