The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers.

The service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment…

Experts told CyberScoop the research 'doesn’t pass a sniff test' and detracts from needed conversations around credential abuse and information stealers.

The large education tech vendor was hit by a cyberattack and paid a ransom in December. Now, a threat actor is attempting to extort the company’s customers…

Infostealers fueled the staying power of identity-based attacks, increasing 84% on a weekly average last year, according to IBM X-Force.

Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

The credentials are likely for future phishing and spam campaigns, Sysdig researchers said.

Dariy Pankov faces up to 47 years in prison on charges linked to credential sales and offering access to the NLBrute malware.

The suspect's group accumulated at least 50 million unique credentials from "millions of potential victims" worldwide, the DOJ said.