Your Next Breach Will Look Like Business as Usual
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.
Stolen credentials can enable account takeover and lateral movement; phishing-resistant MFA, password managers, and rapid revocation reduce the risk.
Search across headline titles and summaries.
Background for this topic.
Credentials are the data used to verify a user's identity to a system, commonly including usernames, passwords, security tokens, or biometric identifiers. They serve as gatekeepers for access to accounts, applications, and sensitive information. Attackers target credentials to impersonate users, escalate privileges, or gain unauthorized system access.
Compromise of credentials can occur through phishing, credential stuffing, or theft from insecure storage. Effective defenses include enforcing strong, unique passwords, implementing multi-factor authentication (MFA), and securely storing credentials using hashing or encryption. Monitoring for unusual login patterns and promptly revoking compromised credentials are also critical to limit attacker impact.
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.
Six-hour breach turned trusted links into a coin toss between legit tools and credential stealers Visitors to the CPUID website were briefly exposed to malware this week after attackers hijacked part of its backend, turning trusted download links into a delivery mechanism for something far less welcome.…
Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials of C-suite executives across multiple industries. [...]
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. [...]
Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—blocking phishing relays and MFA bypass. [...]
Threat actors often signal their intentions before launching attacks, from dark web chatter to access-broker listings and credential requests. Join our upcoming webinar with Flare Systems to learn how to turn those early warning signs into proactive defensive action before an intrusion begins. [...]
Even fitness equipment is vulnerable to mischief makers these days PWNED Welcome back to Pwned, the column where we share war stories from IT soldiers who shot themselves – or watched someone else shoot themselves – in the foot. Today's tale shows that even when you're setting up something as simple as fitness gear, there's no excuse for leaving security credentials lying around.…
Okta's Brett Winterford on Identity Threats and Agentic AI RisksAI is accelerating cyberattacks, collapsing timelines and exposing new identity risks. Okta's Brett Winterford explains how attackers are using AI to scale phishing, exploit credentials and infiltrate enterprises - and what CIOs must do to defend against this rapidly evolving threat landscape.
Forest Blizzard, a threat group attributed to Russia’s GRU, hijacked network traffic to steal credentials and tokens for Microsoft accounts and other services. The post Feds quash widespread Russia-backed espionage network spanning 18,000 devices appeared first on CyberScoop.
An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. [...]
Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. Avoiding even one major incident is enough to justify most security investments, but that headline figure obscures the more persistent problems caused by recurring credential
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alone can't keep up with modern credential-based attacks. [...]
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. [...]