Security news aggregator

Latest coverage for Theft

Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.

Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.

Showing 5 most recent headlines Filtered view

'Cyber Android RAT' Can Capture WhatsApp History, Crypto Seed PhrasesCybercriminals are advertising on criminal hacking online boards an Android remote access Trojan that can steal victims' WhatsApp conversation history, surveil them in real time and extract cryptocurrency seed phrases for the low price of about $500 a month.

Also: Detainment in GainBitcoin Case, Solv Protocol and Gondi HacksThis week, an arrest in a $46M U.S. Marshals theft, a detainment in the GainBitcoin case, exploits at Solv Protocol and Gondi, an Alibaba AI agent's mining attempt, the SEC dropping claims against Justin Sun, Treasury weighing in on mixers, Bithumb facing suspension and a lawsuit against Coinbase.

Iran Expands Targeting, Including AWS, Google and Microsoft InfrastructureMichigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a "faketivist" group run by Tehran.

Bug Allows Attackers to Hijack AI Agents Via Poisoned DocumentationSecurity researchers at Noma Labs found a critical flaw in Context7, a widely used tool that feeds AI coding assistants documentation, allowing attackers to plant hidden instructions to steal credentials and delete files without touching a developer's machine.

CRM-Obsessed ShinyHunters Gang Exploits Misconfigured Customer Experience PortalsA prolific and noisy cybercrime gang with a penchant for stealing Salesforce customers' data and holding it ransom is taking advantage of misconfigured guest accounts meant to provide public access to services meant to remain private, using a Google scanning tool to identify vulnerable accounts.