credential-harvesting

Preview image for a blog post

Operation Campus Credential: Suspected Chinese APT Targets Universities via Vulnerable Roundcube Servers

Chinese threat cluster exploits Roundcube vulnerabilities to breach US/Canadian universities, harvesting credentials and sensitive data.
Preview image for a blog post

Operation PhishingNet: Russian Intelligence Deploys Fake Support Texts for Global Credential Theft

SSU and FBI uncover Russian intelligence campaign using fake support texts to steal messaging credentials from officials and military globally.
Preview image for a blog post

FortiBleed: Unmasking a Global 110 Million-Credential Harvesting Operation Targeting FortiGate Firewalls

Pre-emptive threat intelligence details FortiBleed, a Russian IAB's 110M credential harvesting operation targeting 430,000 FortiGate firewalls since February 2026.
Preview image for a blog post

AccountDumpling: 30,000 Facebook Accounts Compromised via Google AppSheet Phishing Relay

Guardio uncovers AccountDumpling, a Vietnamese-linked operation using Google AppSheet to phish 30,000 Facebook accounts.
Preview image for a blog post

Silver Fox Unleashes Sophisticated Tax-Themed Phishing Onslaught Against Japanese Enterprises

ESET researchers uncover Silver Fox's tax-themed phishing targeting Japanese firms, focusing on credential theft and financial fraud during tax season.
Preview image for a blog post

Deconstructing the Facebook Friend Post Scam: A Technical Deep Dive into Account Compromise & Phishing Vectors

Technical analysis of common Facebook friend post scams, detailing attack vectors, credential harvesting, and advanced forensic investigation.
Preview image for a blog post

SANDWORM_MODE Unleashed: Malicious npm Packages Steal Crypto Keys, CI Secrets, and API Tokens in a Shai-Hulud-like Supply Chain Attack

Active npm supply chain worm, SANDWORM_MODE, harvests crypto keys, CI secrets, and API tokens, demanding urgent developer vigilance.
Preview image for a blog post

Phishing Link Click: Unveiling the Technical Cascade of a Cyber Attack

Deep dive into the technical aftermath of clicking a phishing link, from immediate compromise to advanced persistent threats and DFIR strategies.