Geek-Guy.com

Tag: theft

AI, Apps, Data Breaches, Europe, Global Security News

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. “Over 600k Salesforce records containing PII and other internal corporate data have been compromised.” The…

Read more →

AI, Cybersecurity, Global Security News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. “The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting

Read more →

AI, Global Security News

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware, Risk Management

Digital attacks drive a new wave of cargo theft, FBI says

The FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft. The FBI has issued a Public Service Announcement (PSA) about a surge in cyber-enabled cargo theft, with hackers increasingly targeting brokers and carriers. This trend confirms earlier findings from Proofpoint and alerts…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security

Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the hacker group ShinyHunters claimed to have stolen over 9 million records. The company did not share details on the security breach. Medtronic is an international medical…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

$293M KelpDAO Crypto Heist Exposes Cross-Chain Weaknesses in DeFi

A $293 million cryptocurrency theft has rocked the decentralized finance (DeFi) ecosystem, with KelpDAO at the center of an attack now suspected to be linked to North Korea’s Lazarus Group.  The attack highlights how quickly sophisticated attackers can exploit weaknesses in cross-chain infrastructure. “Preliminary indicators suggest attribution to a highly sophisticated state actor, likely DPRK’s…

Read more →

AI, Cybersecurity, Global Security News, Network Security, Risk Management

US, UK and Canada disrupt $45M crypto theft in Operation Atlantic

US, UK and Canada ran Operation Atlantic, uncovering $45M in crypto theft and freezing $12M to return to victims. An international law enforcement operation from the US, UK and Canada, codenamed Operation Atlantic, has targeted large-scale cryptocurrency theft schemes. Authorities identified more than $45 million in stolen digital assets and successfully froze around $12 million.…

Read more →

AI, Data Breaches, Exploits, Global Security News

Rockstar Games receives “pay or leak” warning after cyberattack

Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and…

Read more →

AI, Global Security News, malware

To counter cookie theft, Chrome ships device-bound session credentials

Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have extended lifetimes, attackers can access accounts without passwords, then bundle and sell the stolen credentials. Once malware gains access to a machine, it can read the local files and memory…

Read more →

AI, Global Security News, malware, Russia

CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

CrystalX RAT, a new sophisticated MaaS malware, combines spyware, data theft, and remote access, allowing attackers to monitor victims. In March 2026, Kaspersky researchers uncovered a Telegram-based campaign promoting a previously unknown malware sold as a MaaS with three subscription tiers. The Trojan offers a wide range of features, including RAT capabilities, data theft, keylogging,…

Read more →

AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Europe, Global Security News, Risk Management

European Commission data stolen in a cyberattack on the infrastructure hosting its web sites

The European Commission is continuing to investigate the theft of data from its cloud infrastructure earlier this week. On Thursday, the Commission revealed there had been an attack on its Europa.eu platform, offering few details, then, on Friday, security news site Bleeping Computer reported that the attack had involved the compromise of an account or…

Read more →

AI, Apps, Exploits, Global Security News, malware

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

PyPI is warning of possible credential theft from AI applications and developer pipelines after two malicious versions of the widely used Python middleware for large language models, LiteLLM, were briefly published. “Anyone who has installed and run the project should assume any credentials available to the LiteLLM environment may have been exposed, and revoke/rotate them…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language. Experts say the wiper campaign against Iran materialized this…

Read more →

AI, Global Security News, Network Security

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. “The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients

Read more →

AI, Global Security News, Network Security, Risk Management

Untrusted repositories turn Claude code into an attack vector

Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthropic’s Claude Code AI coding assistant that could lead to remote code execution and API key theft. The vulnerabilities abuse features such as Hooks, MCP servers, and…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Infostealers Target OpenClaw AI Configuration Files

Infostealer malware is expanding beyond traditional browser and banking credential theft to target personal AI assistant environments. Researchers at Hudson Rock recently identified a live infection in which attackers exfiltrated a victim’s OpenClaw configuration files, including authentication tokens, cryptographic keys, and stored contextual data used by the AI agent. “While the malware may have been…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends

Flare Report: Infostealers Are Fueling Enterprise Identity Attacks

Once largely associated with consumer credential theft, infostealer malware is increasingly impacting enterprises.  New research from Flare shows that a rising percentage of infections now expose enterprise Single Sign-On (SSO) and identity provider credentials, creating direct risk for corporate systems, cloud environments, and SaaS platforms. “We’re seeing fewer infections overall, but far higher yield per…

Read more →