Skip to content
The Nexus
DossierENTITY

credential theft

Coverage of credential theft in the Nexus archive.

Earliest in view: Apr 12 · 14:20 UTCMost recent: Jun 8 · 13:00 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 8 · 13:00 UTCTHE HACKER NEWS
    AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload

    AI-powered phishing attacks are generating high-volume alerts, overwhelming Security Operations Centers (SOCs) and Tier 1 analysts. Attackers use AI to create convincing emails and fake login pages, increasing the workload for security teams to review alerts and detect threats like credential theft or malware.

  • SECURITYJun 5 · 14:00 UTCBLEEPING COMPUTER
    What 2026 DBIR Confirms: Attacks Are Living in the Browser

    The 2026 Verizon DBIR report highlights that phishing, shadow AI, malicious browser extensions, and credential theft are increasingly occurring within web browsers, underscoring significant security vulnerabilities at the browser layer.

  • SECURITYMay 1 · 09:43 UTCTHE HACKER NEWS
    Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

    A new software supply chain attack campaign uses sleeper packages to push malicious payloads, enabling credential theft, GitHub Actions tampering, and SSH persistence. The attack is attributed to the GitHub account 'BufferZoneCorp,' which published malicious Ruby gems and Go modules.

  • SECURITYApr 30 · 16:31 UTCTHE HACKER NEWS
    PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

    Threat actors compromised the PyTorch Lightning Python package, publishing malicious versions 2.6.2 and 2.6.3 on April 30, 2026, to steal credentials. Security firms Aikido Security, Socket, and StepSecurity reported the attack, which is part of an ongoing supply chain campaign.

  • SECURITYApr 29 · 22:43 UTCBLEEPING COMPUTER
    Official SAP npm packages compromised to steal credentials

    Multiple official SAP npm packages were compromised in a TeamPCP supply-chain attack, aiming to steal developer credentials and authentication tokens. The breach highlights vulnerabilities in software supply chains and developer security practices.

  • SECURITYApr 12 · 14:20 UTCBLEEPING COMPUTER
    Critical Marimo pre-auth RCE flaw now under active exploitation

    A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is being actively exploited for credential theft. The flaw allows attackers to execute arbitrary code without prior authentication, posing significant security risks.

credential theft · Dossier · The Nexus