Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It…
Tag: stolen
AI, Global Security News
MyPillow listed on ransomware gang’s leak site, but denies it has been breached
A notorious ransomware gang claims to have stolen MyPillow’s private data, but CEO Mike Lindell calls it a politically motivated “hit job.” With the countdown ticking toward a massive dark web leak, who is telling the truth? Read more in my article on the Hot for Security blog.
AI, Data Breaches, Endpoint, Global Security News, Risk Management
Why pure extortion is replacing traditional ransomware
Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, many attackers are now focusing on pure extortion: stealing sensitive data and threatening to leak it publicly if victims refuse to…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices
BitLocker is designed to protect data at rest even when a device is lost, stolen, or powered off, which is why a bypass against that trust model draws immediate attention. The CVE-2026-45585 vulnerability, publicly referred to as YellowKey, is a Windows security feature bypass flaw that Microsoft says can let an attacker with physical access…
Data Breaches, Global Security News
Defenders fall behind, as AI rewrites the rules of a data breach
For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case. Read more in my article on the Fortra blog.
AI, Data Breaches, Exploits, Global Security News, Network Security
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the top spot in the report’s 19-year history, the company noted. Known initial access vectors over time…
Global Security News
Identity Alone Isn’t Enough: Why Device Security Has to Share the Load
Identity checks alone can’t stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on continuous device verification. […]
AI, Exploits, Global Security News
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours.
AI, Global Security News, Risk Management
Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free
Carding forum B1ack’s Stash claims to have released millions of stolen CVV2 payment card records for free after suspending sellers. B1ack’s Stash, one of the most active stolen card marketplaces on the dark web, has released 4.6 million credit card records for free, not because of a law enforcement action or a system compromise, but…
AI, Global Security News
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. […]
Global Security News
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with owners also able to lock individual components. Even with those protections, more than 7.35 million iPhones…
AI, Global Security News
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. […]
Cybersecurity, Data Breaches, Global Security News
Over 70% of organizations hit by identity breaches
Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach? Base: organization could not stop the security breach. n=510. (Source: Sophos) Identity attack trends…
Global Security News
Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak.
AI, Data Breaches, Global Security News
Instructure hacker claims data theft from 8,800 schools, universities
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms. […]
AI, Global Security News
Instructure confirms data breach, ShinyHunters claims attack
Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. […]
AI, Global Security News
15-year-old detained over French govt agency data breach
French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country’s agency for issuing and managing administrative documents. […]
AI, Exploits, Global Security News, Risk Management
Carding service Jerry’s Store leak exposes 345,000 stolen payment cards
Jerry’s Store, a card-checking service used by cybercriminals, exposed 345,000 stolen payment cards after leaving its server open, revealing sensitive data. A cybercriminal operation known as Jerry’s Store has reportedly exposed a large cache of stolen payment card data after leaving its own infrastructure accessible online. The service appears to have been used to test…
AI, Global Security News
Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw.
Global Security News, malware, Russia
Three Arrested for Hacking Over 610,000 Roblox Accounts
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces
AI, Global Security News, malware
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy
The Best VPNs for Small Businesses on a Budget in 2026
One wrong click. One rogue Wi-Fi connection. One stolen credential. That’s all it takes for a cybercriminal to breach your small business. And while you may not have an enterprise-sized budget, you still have plenty to lose: sensitive data, client trust, even your reputation. That’s where a virtual private network (VPN) comes in. A VPN…
Data Breaches, Global Security News
Vercel Employee’s AI Tool Access Led to Data Breach
Stolen OAuth tokens, which are at the root of these breaches, “are the new attack surface, the new lateral movement,” a researcher noted.
AI, Global Security News, Risk Management, Russia
Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to Western intelligence agencies. The stolen funds belonged to Russian users, as the…
AI, Data Breaches, Exploits, Global Security News
DraftKings hacker sentenced to prison, ordered to pay $1.4 Million
A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against DraftKings. He continued selling stolen login data online even after pleading…
AI, Data Breaches, Global Security News
5 Ways Zero Trust Maximizes Identity Security
Stolen credentials remain a top breach vector, often leading to unchecked privilege escalation. Specops explains how identity-first Zero Trust limits access, enforces device trust, and blocks lateral movement. […]
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
$3.6 Million Crypto Heist Targets Bitcoin Depot
Attackers have stolen more than $3.6 million in Bitcoin from crypto ATM operator Bitcoin Depot after breaching its internal systems. The incident, disclosed in a recent regulatory filing, shows how quickly attackers can monetize access once inside corporate environments. The “unauthorized actor transferred approximately 50.903 Bitcoin from Company-controlled wallets, valued at approximately $3.665 million as…
Global Security News
When attackers already have the keys, MFA is just another door to open
Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—blocking phishing relays and MFA bypass. […]
AI, Global Security News
Evolution of Ransomware: Multi-Extortion Ransomware Attacks
Multi-extortion ransomware relies on stolen data to pressure victims with public leaks. Penta Security explains how its D.AMO platform keeps exfiltrated files encrypted and useless to attackers. […]
AI, Apps, Cloud Security, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
Alleged Starbucks Incident Exposes Code and Firmware
A threat group is claiming to have breached Starbucks and stolen 10GB of sensitive data, including proprietary source code and firmware tied to its in-store machines and global operations. The group, ShadowByt3s, alleges it accessed a misconfigured Amazon S3 bucket and is now threatening to leak the data unless a ransom is paid. “The leak…
Global Security News
New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
AI, Data Breaches, Global Security News
Cisco source code stolen in Trivy-linked dev environment breach
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. […]
AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Insider Threats Rise with North Korean AI Hiring Fraud Schemes
A suspected North Korean operative attempted to infiltrate a cybersecurity firm using a stolen identity and an AI-generated resume, underscoring how hiring pipelines are becoming an attack vector. The failed attempt reveals how threat actors are blending identity theft, automation, and anonymized infrastructure to bypass traditional recruiting safeguards. “In June 2025, we used a combination…
AI, Global Security News
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. […]
AI, Data Breaches, Global Security News, malware, Russia
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
Global Security News
HackerOne discloses employee data breach after Navia hack
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators. […]
AI, Global Security News
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
Stolen airline miles are converted into flights and hotel stays, then resold as discounted travel. Flare shows how cybercriminals and underground markets treat loyalty accounts like tradable currency. […]
AI, Data Breaches, Global Security News
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim’s cloud environment within a span of 72 hours. The attack started with the theft of a developer’s GitHub token, which the threat actor then used to gain unauthorized access…
AI, Global Security News
ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data
ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid.
AI, Global Security News
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Global Security News
LeakBase Cybercrime and Hacker Forum Seized
Europol seizes LeakBase cybercrime and hacker forum used to trade stolen data, disrupting a global platform with over 140,000 members.
Global Security News, Network Security
Where Multi-Factor Authentication Stops and Credential Abuse Starts
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage. Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta,…
AI, Global Security News, malware, Network Security
Fake Zoom, Teams Meeting Invites Use Compromised Certificates to Drop Malware
A new phishing campaign is using stolen certificates from TrustConnect Software PTY LTD to sign malware. By impersonating updates for Zoom and Microsoft Teams, hackers install RMM tools to gain persistent, privileged access to networks
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia
Treasury Sanctions Russian Exploit Brokerage
The U.S. government has imposed sanctions on a foreign exploit brokerage accused of purchasing and reselling stolen government cyber tools under the Protecting American Intellectual Property Act (PAIPA). This action targets Operation Zero, a Russia-linked exploit broker, and signals a tougher stance against markets that monetize zero-day vulnerabilities tied to national security systems. “If you…
Global Security News, Government & Policy
US Sanctions Russian Exploit Broker Over Stolen US Cyber Tools
The US Treasury targets Sergey Zelenyuk and his firm Operation Zero for the illegal trade of stolen government cyber tools following the sentencing of Peter Williams.
AI, Data Breaches, Global Security News
ShinyHunters Claims Odido NL and Ben.nl Breach as Company Confirms Cyberattack
ShinyHunters claims 21 million records stolen in Odido NL and Ben.nl data breach as telecom company confirms cyberattack impacting customer contact system data.
Exploits, Global Security News, Russia
US sanctions Russian broker for buying stolen zero-day exploits
The U.S. Treasury Department has sanctioned a Russian exploit broker who bought stolen hacking tools from a former executive of a U.S. defense contractor. […]
AI, Global Security News
When identity isn’t the weak link, access still is
Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn’t enough and how continuous device verification strengthens Zero Trust. […]
AI, Global Security News, Government & Policy, Network Security
North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.
A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrainian national, has been sentenced to five years in a U.S. prison for supporting North Korea’s fraudulent IT worker scheme. Didenko admitted stealing U.S.…
AI, Global Security News, Risk Management
How infostealers turn stolen credentials into real identities
Infostealer dumps increasingly tie stolen credentials to real identities, linking usernames, cookies, and behavior across personal and enterprise accounts. Specops explains how analyzing 90,000 dumps shows reuse fuels enterprise risk and how continuous AD scanning disrupts that cycle. […]
AI, Data Breaches, Global Security News, Government & Policy
French Ministry confirms data access to 1.2 Million bank accounts
A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts using stolen credentials belonging to a government official, according to the French Economy Ministry. French authorities said affected account holders will be notified in the…
AI, Exploits, Global Security News
Telegram channels expose rapid weaponization of SmarterMail flaws
Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE-2026-24423 and CVE-2026-23760 tied to ransomware activity. […]
AI, Data Breaches, Global Security News
Data breach at fintech firm Figure affects nearly 1 million accounts
Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company. […]
AI, Compliance, Cybersecurity, Data Breaches, Europe, Global Security News
Hackers sell stolen Eurail traveler information on dark web
Eurail B.V. revealed that traveler data were stolen in a recent security breach, and are now being sold on the dark web. Eurail B.V. confirmed that the traveler data stolen in a breach earlier this year is now being offered for sale on the dark web. The company disclosed the development as part of its…
AI, Data Breaches, Global Security News
Canada Goose investigating as hackers leak 600K customer records
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. […]
AI, Global Security News, malware
North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware