#data-theft

[ follow ]
#cybersecurity #malware #cybercrime #ransomware #social-engineering #phishing #hacking #supply-chain-attack
#cybercrime
Privacy professionals
fromTheregister
9 months ago

Opsec oversights: How cybercrooks get themselves caught

Cybercriminals' shortcuts lead to their capture and significant damages.
Success in cybercrime can lead to overconfidence and operational security failures.
Information security
fromThe Hacker News
1 day ago

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A Brazilian cybercrime group targets Minecraft players with LofyStealer malware disguised as a hack called 'Slinky'.
more#cybercrime
#cybersecurity
Information security
fromSecurityWeek
2 weeks ago

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data

A financially motivated threat actor, UNC6783, targets BPO organizations to steal sensitive data from high-value companies using social engineering and phishing tactics.
Information security
fromTheregister
2 weeks ago

'Several dozen' orgs targeted by a new extortion crew

A new extortion crew, UNC6783, targets high-value corporations using phishing and social engineering tactics to steal sensitive data.
Information security
fromSecurityWeek
2 weeks ago

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data

A financially motivated threat actor, UNC6783, targets BPO organizations to steal sensitive data from high-value companies using social engineering and phishing tactics.
more#cybersecurity
#malware
fromZDNET
10 months ago
Privacy technologies

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

SparkKitty malware targets sensitive screenshots, particularly related to crypto wallets, posing a threat to user security.
fromThe Hacker News
10 months ago
Growth hacking

1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

A multi-stage malware campaign is targeting Minecraft users through a Java-based malware exploiting a distribution-as-service framework.
Information security
fromInfoWorld
1 week ago

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.
Information security
fromTechRepublic
1 week ago

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.
fromZDNET
10 months ago
Privacy technologies

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

more#malware
Information security
fromTechRepublic
1 week ago

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

Browser extensions disguised as TikTok video downloaders are compromising user data, highlighting vulnerabilities in enterprise security.
Information security
fromTheregister
1 week ago

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.
Information security
fromSecurityWeek
2 weeks ago

100 Chrome Extensions Steal User Data, Create Backdoor

Over 20,000 users installed malicious Chrome extensions that steal information, provide backdoors, or inject ads, as reported by cybersecurity firm Socket.
Privacy professionals
fromKotaku
2 weeks ago

GTA 6 Hackers Say They Will Release The Breached Data After Ransom Demands Not Met - Kotaku

ShinyHunters plans to publish stolen data from Rockstar after ransom demands were not met.
Information security
fromThe Hacker News
2 weeks ago

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.
Information security
fromTechRepublic
2 weeks ago

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.
Information security
fromSecurityWeek
4 weeks ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
fromThe Hacker News
1 month ago

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword, a new iOS exploit kit targeting iPhones running iOS 18.4-18.7, has been deployed by multiple threat actors since November 2025 to steal credentials and cryptocurrency wallet data.
#iphone-security
Information security
fromEngadget
1 month ago

A new iPhone hacking tool puts anyone still on iOS 18 at risk

DarkSword is a fileless iPhone hacking technique that steals sensitive data through malicious web pages and automatically deletes evidence, potentially affecting close to a quarter of iPhones running iOS 18.
Apple
fromThe Verge
1 month ago

PSA: Hackers can raid iOS 18 with an infected link

DarkSword, a new hacking tool targeting iPhones running iOS 18.4 to 18.6.2, exploits six vulnerabilities to steal messages, contacts, credentials, cryptocurrency wallets, and personal data through malicious links.
Information security
fromEngadget
1 month ago

A new iPhone hacking tool puts anyone still on iOS 18 at risk

DarkSword is a fileless iPhone hacking technique that steals sensitive data through malicious web pages and automatically deletes evidence, potentially affecting close to a quarter of iPhones running iOS 18.
Apple
fromThe Verge
1 month ago

PSA: Hackers can raid iOS 18 with an infected link

DarkSword, a new hacking tool targeting iPhones running iOS 18.4 to 18.6.2, exploits six vulnerabilities to steal messages, contacts, credentials, cryptocurrency wallets, and personal data through malicious links.
more#iphone-security
Privacy technologies
fromIrish Independent
1 month ago

New DarkSword iPhone hack 'can steal everything' just by visiting the wrong website

DarkSword malware affects hundreds of millions of iPhones running iOS 18, stealing passwords, messages, photos, and wallet details without user detection.
Information security
fromTheregister
1 month ago

Fake job applications pack malware that disables EDR

Russian cybercriminals target HR teams with malicious CVs disguised as job applications to install malware that disables security tools and steals corporate data.
Information security
fromThe Hacker News
1 month ago

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

A malicious npm package impersonating OpenClaw deploys a remote access trojan and steals sensitive data including credentials, crypto wallets, SSH keys, and browser data from infected systems.
Healthcare
fromTechCrunch
1 month ago

TriZetto confirms 3.4M people's health and personal data was stolen during breach | TechCrunch

TriZetto confirmed that hackers stole personal and health information from 3.4 million people in a 2024 cyberattack that went undetected for nearly a year.
#cybersecurity-breach
more#cybersecurity-breach
fromSecurityWeek
1 month ago

LeakBase Cybercrime Forum Shut Down, Suspects Arrested

A credit-based economy and reputation-driven user system helped build trust among offenders and sustain a thriving underground forum. One of the forum's notable internal rules prohibited the sale or publication of any data related to Russia, hinting at the origin of LeakBase's operators.
Privacy professionals
Information security
fromTheregister
2 months ago

Double whammy: Steaelite RAT bundles data theft, ransomware

Steaelite, a new remote access trojan sold on cybercrime networks, enables double extortion attacks on Windows machines through ransomware, data theft, credential stealing, and live surveillance controlled via a centralized browser-based dashboard.
Information security
fromTheregister
2 months ago

30+ Chrome extensions disguised as AI chatbots steal secrets

Malicious Chrome extensions posing as AI assistants steal API keys, emails, and personal data while using a shared codebase and remote iframe control.
Information security
fromSecurityWeek
2 months ago

New 'ZeroDayRAT' Spyware Kit Enables Total Compromise of iOS, Android Devices

ZeroDayRAT is a commercially sold mobile spyware toolkit that grants full remote control of Android and iOS devices and extensive data-theft capabilities.
France news
fromTechCrunch
2 months ago

French police search X office in Paris, summons Elon Musk for questioning | TechCrunch

French authorities raided X's Paris office in an expanded probe into fraudulent data extraction, distribution of child sexual abuse material, privacy violations, and Holocaust denial.
Canada news
fromDataBreaches.Net
3 months ago

Desjardins data breach: Quebec suspect arrested in Spain - DataBreaches.Net

Juan Pablo Serrano, wanted across Canada for multimillion-dollar fraud and Desjardins client data theft, was arrested in Spain and will be extradited to face charges.
Information security
fromTheregister
3 months ago

Resecurity traps former ShinyHunters in honeypot

Resecurity's honeypot deceived Scattered Lapsus$ Hunters, leading to a successful login to synthetic systems and prompting a subpoena for one data thief.
Education
fromwww.independent.co.uk
4 months ago

Teacher caught with hundreds of stolen bank card details banned from the classroom

A maths teacher was banned after police found hundreds of stolen bank card details and online banking logins on his devices; he accepted a caution.
#ransomware
more#ransomware
#trade-secrets
more#trade-secrets
Law
fromwww.housingwire.com
5 months ago

Stockton Mortgage sues Novus over borrower diversion

Former Stockton employees allegedly diverted borrower accounts and confidential data to Novus while still employed, prompting Stockton to sue for breach and data theft.
Information security
fromTechCrunch
6 months ago

'Dozens' of organizations had data stolen in Oracle-linked hacks | TechCrunch

Clop used a zero-day in Oracle E-Business Suite to steal corporate executive and company data from dozens of organizations since at least July 10.
Information security
fromFortune Crypto
7 months ago

Suspect in Coinbase hack kept data for more than 10,000 customers on her phone, court filing alleges | Fortune Crypto

A TaskUs employee, Ashita Mishra, stole and sold Coinbase customer data enabling criminals to impersonate staff and steal cryptocurrency, affecting over 69,000 customers.
Information security
fromIT Pro
8 months ago

Flaw in Lenovo's customer service AI chatbot could let hackers run malicious code, breach networks

Lenovo's AI chatbot Lena has a critical security flaw that can lead to data theft and system compromises.
fromIT Pro
8 months ago

Millions of Dell laptops are are at risk thanks to a Broadcom chip vulnerability - and more than 100 device models are impacted

These findings highlight the importance of evaluating the security posture of all hardware components within your devices, not just the operating system or software.
Privacy technologies
Information security
fromThe Hacker News
9 months ago

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Russian organizations are being targeted by a campaign using new spyware called Batavia to steal sensitive internal documents.
UK news
fromTheregister
10 months ago

GCHQ intern jailed for stealing top-secret files

A GCHQ intern was sentenced to seven-and-a-half years for stealing sensitive files during his placement.
Node JS
fromBleepingComputer
11 months ago

Dozens of malicious packages on NPM collect host and network data

60 malicious NPM packages were found that collect sensitive data and send it to threat actors through Discord webhooks.
Threat actors employed names similar to legitimate packages to deceive developers and infiltrate systems.
Law
fromBoston.com
11 months ago

Worcester college student pleads guilty to cyber crimes

Matthew Lane pled guilty to cyber extortion charges after hacking and demanding ransom from two companies.
EU data protection
fromTheregister
11 months ago

M&S admits cybercrooks made off with customer info

M&S confirms customer data was stolen in cyberattack, indicating possible ransomware involvement, but reassures that payment details were not compromised.
fromIT Pro
11 months ago

This hacker group is posing as IT helpdesk workers to target enterprises - and researchers warn its social engineering techniques are exceptionally hard to spot

As of March 2025, Luna Moth has registered at least 37 domains through GoDaddy to support its callback phishing campaigns, primarily targeting major US law firms.
Marketing tech
fromArs Technica
11 months ago

Hundreds of e-commerce sites hacked in supply-chain attack

The widespread supply chain attack targeted at least 500 e-commerce sites, compromising sensitive customer data by executing malicious code via visited browsers.
E-Commerce
[ Load more ]