Hackers Poison Axios npm Package with 100 Million Weekly Downloads
Axios npm Package compromised in a supply chain attack, exposing developers to malware, data theft, and full system takeover risks worldwide.
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1041 — Exfiltration Over C2 Channel (Exfiltration)
Clear filter63 articles found
ChatGPT Security Issue Enabled Data Theft via Single Prompt
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
Initial Access Brokers have Shifted to High-Value Targets and Premium Pricing
Initial Access Brokers (IABs) are a key component of the cybercrime ecosystem, offering hassle-free building blocks for ransomware, data theft, and extortion...
OpenAI fixes Codex flaw that could lead to GitHub token theft
A command injection hidden in a branch name could cause an OAuth token to be exfiltrated.
Dutch Finance Ministry Responds to Cyberattack by Taking Systems Offline
The Dutch Ministry of Finance is actively managing a significant cybersecurity incident after discovering unauthorized access to its internal Information and...
Telegram-Based ResokerRAT Adds Screenshot Capture and Persistence
Hackers are deploying a new Windows malware called ResokerRAT, a Telegram‑based Remote Access Trojan (RAT) that gives attackers stealthy remote control over ...
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy...
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to ne...
European Commission Reports Cyber Intrusion and Data Theft
The ShinyHunters hacker group claimed to have stolen over 350GB of information from European Commission cloud systems. The post European Commission Reports C...
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer sig...
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
The European Commission is continuing to investigate the theft of data from its cloud infrastructure earlier this week. On Thursday, the Commission revealed ...
New PXA Stealer Malware Targets Banks, Uses Telegram to Exfiltrate Data
CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026.
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recen...
Researchers uncover WebRTC skimmer bypassing traditional defenses
Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a new pay...
Torg Grabber Malware Shifts from Telegram Exfiltration to Encrypted REST API for C2
A fast-evolving information‑stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram‑based exfiltration to a hardened, encrypted REST API...
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectivel...
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft an...
China-Backed Hackers Target Southeast Asian Military Systems in Ongoing Spy Campaign
China-linked threat actors have been identified targeting Southeast Asian military networks in a long-running cyber espionage campaign focused on intelligenc...
Five Malicious npm Packages Target Crypto Developers, Steal Wallet Keys via Telegram
Five malicious npm packages impersonating popular crypto libraries are stealing wallet keys from Solana and Ethereum developers and exfiltrating them directl...
New Whitepaper: Exploiting Cellular-based IoT Devices
Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7...