Storm malware automates session hijacking for entry-level hackers

Rookie cybercriminals now use subscription malware to hijack enterprise and cryptocurrency accounts ...
Forbes

Stolen Session Cookies: The Next Big Cyber Threat

In 2022 alone, over 87,000 exposed credentials tied to Fortune 1000 C-level executives were recaptured from the criminal underground, according to SpyCloud's 2023 Identity Exposure Report. The threat ...
Microsoft

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated ...
Hosted on MSN

16 Billion Passwords Leaked: Why Blockchain-Based Identity Matters Now

In June 2025, cybersecurity researchers confirmed the largest password leak in internet history. Over 16 billion unique credentials, including passwords, session tokens, cookies, and metadata, were ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Dark Reading

Overcoming the Rising Threat of Session Hijacking

From passkeys to multifactor authentication (MFA), most businesses are embracing solutions that protect sensitive information to minimize their attack surface and enhance cybersecurity posture. While ...

Microsoft: Canadian employees targeted in payroll pirate attacks

A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees' salary payments after hijacking their accounts in payroll pirate attacks.
Dark Reading

Heartbleed Attack Targeted Enterprise VPN

Now there's live proof the Heartbleed bug can be exploited, not just to steal private SSL keys stored on a server, but also to retrieve VPN session tokens. Researchers at Mandiant -- now part of ...