Phishing Attacks Targeted Facebook Users With Fake Verification Offer
Attacks also used a compromised chatbot in campaign to steal sensitive information from Business Users
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
Weekly headline count for the current query.
Attacks also used a compromised chatbot in campaign to steal sensitive information from Business Users
Opera GX flaw let sites automatically install mods to steal data from other pages, now patched
Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign
The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Aikido Security has discovered at least 15 IDE plugins on the JetBrains Marketplace
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions negotiate
Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX
Researchers uncover a new data theft and extortion group dubbed “BlackFile”
Malicious npm packages spread via worm-like propagation and steal developer credentials