GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1041 — Exfiltration Over C2 Channel (Exfiltration)
Clear filter74 articles found
How Storm-2949 turned a compromised identity into a cloud-wide breach
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident...
Grafana confirms GitHub token breach cybercrime group claims the attack
Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incid...
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blend...
Critical FunnelKit Vulnerability Puts 40,000+ WooCommerce Sites at Risk
A critical security vulnerability in the Funnel Builder plugin by FunnelKit is actively being exploited, putting more than 40,000 WooCommerce websites at ris...
Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk
Critical Claw Chain vulnerabilities in OpenClaw expose thousands of AI servers to data theft, backdoors, and admin-level attacks globally this week. .
Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and pers...
Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facili...
Foxconn factories resume operations after ransomware attack
The attack impacted Foxconn's North American facilities, with the Nitrogen ransomware group claiming to have exfiltrated over 11 million documents, including...
Nitrogen Ransomware claims massive data theft from Foxconn
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm.
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [.
OpenLoop Health confirms January 2026 Data breach affecting 716,000
In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confir...
When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
Overview Attackers do not need to break into the front door when they can convince employees to open it for them through the tools they already trust. In Apr...
716,000 Impacted by OpenLoop Health Data Breach
The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems. The post 716,000 Impacted by OpenLoop Health...
Instructure settles with hackers following massive student data theft
Educational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities.
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that us...
Instructure took a risky approach to recover stolen Canvas data
Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stole...
Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform
The company that operates online learning system Canvas said it struck a deal with hackers to delete the data they pilfered in a cyberattack that created cha...
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware. The post West Pharmaceutical Services Hit b...