Microsoft: Hackers steal emails in device code phishing attacks
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. [...]
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. [...]
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts
Some employees steal sticky notes, others 'borrow' malicious code A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.…
Also: Complaint Against Trump, Melania MemecoinsThis week's stories include sentencing in a $37 million theft, $9 million zkLend theft, Tornado Cash developer's pretrial detention release, guilty plea in SEC hack, an update on a crypto-using murderer, case against Trump memecoin, and a prisoner exchange involving a Russian Bitcoin fraud suspect.
A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud
SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]
'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…
Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks
Remote position, webcam not working, then glitchy AI face ... Red alert! Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.…
Dark web site seized, four cuffed in Thailand An international police operation spanning the US, Europe, and Asia has shuttered the 8Base ransomware crew's dark web presence and resulted in the arrest of four European suspects accused of stealing $16 million from more than 1,000 victims worldwide.…
After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.
Ransomware Group Embargo Claims to Have Published 1.15TB of Hospital's Stolen DataA rural Georgia hospital and its nursing home are among several other regional healthcare entities notifying tens of thousands of patients that their information was compromised in recent hacks. Ransomware gang Embargo claims to have published 1.15 terabytes of stolen data in one of those incidents.
Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.
A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies