All news

credential theft

(5 articles)
108 Malicious Chrome Extensions Steal User Data

April 14, 2026

108 Malicious Chrome Extensions Steal User Data

108 malicious Chrome extensions were caught stealing Google and Telegram credentials from 20,000 users. Here's how they work and how to protect yourself.

LiteLLM Flaw Turns Dev Machines Into Credential Vaults

April 6, 2026

LiteLLM Flaw Turns Dev Machines Into Credential Vaults

A critical LiteLLM vulnerability exposed developer machines as credential vaults for attackers. Learn how it works and how to protect your AI toolchain now.

Hackers Exploit React2Shell in Automated Credential Theft Campaign

April 5, 2026

Hackers Exploit React2Shell in Automated Credential Theft Campaign

CVE-2025-55182 in React2Shell is being weaponized to steal AWS keys, SSH keys, and env secrets from Next.js apps at scale. 766 hosts hit in 24 hours.

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

April 2, 2026

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Attackers exploited CVE-2025-55182 to compromise 766 Next.js hosts and harvest credentials. Here's what happened and how to protect your app.

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

March 24, 2026

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

TeamPCP compromised Checkmarx GitHub Actions pipelines using stolen CI credentials - here is what happened and how to lock down your own pipelines.