Tag: #CredentialTheft
A new LinkedIn phishing campaign is targeting finance executives with fake board invitations to steal Microsoft credentials. The attackers are using LinkedIn’s messaging system instead of traditional email, making this a sophisticated case of social engineering that exploits trust within professional networks. Key Takeaways LinkedIn phishing is becoming a preferred method for targeting professionals. Fake […]
A major npm supply chain attack has compromised more than 40 Node Package Manager (npm) packages, injecting a malicious script called bundle.js to steal sensitive developer credentials. According to security researchers, the campaign, dubbed the Shai-Hulud attack, uses the open-source tool TruffleHog (TruffleHog Secret Scanner) to extract secrets such as GitHub personal access tokens, Node […]
The 2025 Verizon DBIR (Data Breach Investigations Report) highlights a growing truth: cybercriminals don’t care about company size. Whether it’s a global enterprise or a local retailer, attackers are using the same techniques—ransomware, stolen credentials, phishing—across the board. For small- and medium-sized businesses (SMBs), the consequences are often worse because defenses are weaker, budgets are […]