Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1041 — Exfiltration Over C2 Channel (Exfiltration)
Clear filter48 articles found
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and pers...
Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facili...
Foxconn factories resume operations after ransomware attack
The attack impacted Foxconn's North American facilities, with the Nitrogen ransomware group claiming to have exfiltrated over 11 million documents, including...
Nitrogen Ransomware claims massive data theft from Foxconn
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm.
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [.
OpenLoop Health confirms January 2026 Data breach affecting 716,000
In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confir...
When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
Overview Attackers do not need to break into the front door when they can convince employees to open it for them through the tools they already trust. In Apr...
716,000 Impacted by OpenLoop Health Data Breach
The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems. The post 716,000 Impacted by OpenLoop Health...
Instructure settles with hackers following massive student data theft
Educational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities.
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that us...
Instructure took a risky approach to recover stolen Canvas data
Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stole...
Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform
The company that operates online learning system Canvas said it struck a deal with hackers to delete the data they pilfered in a cyberattack that created cha...
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware. The post West Pharmaceutical Services Hit b...
Instructure reaches 'agreement' with ShinyHunters to stop data leak
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion g...
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks
A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-se...
ODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped Systems
Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However,...
ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data
The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any a...
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America...