Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...

The FBI Just Busted a Global Phishing Empire Targeting Microsoft 365 Accounts—Here’s How They Beat MFA

Some 17,000 victims were targeted by a global phishing operation that captured credentials and bypassed multi-factor ...
CSO Online

China-linked cloud credential heist runs on typos and SMTP

The Linux-based ELF backdoor is targeting cloud workloads across providers, using SMTP-based C2 and typosquatted Alibaba ...