ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure
Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools, Cisco Talos reports.…
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accounts in unison to manipulate the prices of foreign stocks.
System prompt engineering turns benign AI assistants into 'investigator' and 'detective' roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to autonomously harvest users’ personal data, even by attackers with "minimal technical expertise”, thanks to "system prompt" customization tools from OpenAI and others.…
Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal and encrypt data before extorting victims into paying a ransom.…
Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky DataThis week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.
Proof-of-Concept Attack Demonstrates FIDO Downgrade Against Microsoft Entra IDThe FIDO standard, a bulwark against credential-stealing phishing attacks, has an implementation chink that's poised for commoditization by cybercriminals, say security researchers in news that's good for phishing-as-a-service providers but terrible for everyone else.
Also: Trump Signs Pro-Crypto EO, Credix Disappears After $4.5M HackEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, includes Do Kwon's guilty plea, Trump's crypto-linked executive order, Credix's post-hack disappearance, $7M Odin.fun exploit and hackers using fake Firefox crypto wallet extensions for theft.
Ransomware and infostealers are winning on stealth, not encryption. Picus Blue Report 2025 reveals just 3% of data exfiltration attempts are stopped. Find and fix your biggest exposure gaps before they're exploited. [...]
Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot
Minnesota’s capital is the latest to feature on Interlock’s leak blog after late-July cyberattack The Interlock ransomware gang has flaunted a 43GB haul of files allegedly stolen from the city of Saint Paul, following a late-July cyberattack that forced the Minnesota capital to declare a state of national emergency.…
Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks. [...]
Clinical Diagnostics Lab Hack Among Latest Recent Cyberattacks in the NetherlandsA Dutch population health research agency is notifying 485,000 participants of a cervical cancer screening program of a hacking incident at a clinical diagnostics laboratory that potentially compromised patients' personal and health information, including lab test results.
And yes, there’s the usual credit monitoring Global staffing firm Manpower confirmed ransomware criminals broke into its Lansing, Michigan franchise's network and stole personal information belonging to 144,189 people, months after the extortionists claimed that they pilfered "all of [the company's] confidential data." …
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes
Healthcare led all industries in 2024 breaches—over 275M patient records exposed, mostly via weak or stolen passwords. See how the self-hosted password manager by Passwork helps providers meet HIPAA requirements, protect ePHI, and keep care running. Try it free for 1 month. [...]
Manpower, one of the world's largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company's systems in December 2024. [...]
Threat actors have stolen data on at least half a million cancer screening patients
At Least 918K Affected in 2024 BianLian Data Theft AttackA New York-based pediatric practice and its managed services vendor have agreed to pay $5.15 million to settle a proposed class action lawsuit stemming from a 2024 data theft attack affecting more than 918,000 people and allegedly carried out by cybercrime gang BianLian.