Credential-Stealing OSS ‘Crystalray’ Attacks Jump 10X

Crystalray’s attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the “SSH-Snake” tool to exploit vulnerabilities in Atlassian Confluence. This article has been indexed from Cyware News –…

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

itsecuritynews.info - 02/Apr 20:36

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal...

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

itsecuritynews.info - 02/Apr 20:36

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal...

NomShub Vulnerability Chain Exposes Hidden Risks in AI Coding Tools

itsecuritynews.info - 07/Apr 18:10

NomShub shows how attackers can exploit AI coding tools to turn routine actions into full system compromise. The post NomShub Vulnerability Chain...

Hackers exploit React2Shell in automated credential theft campaign

bleepingcomputer.com - 05/Apr 14:17

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable...

Hackers exploit React2Shell in automated credential theft campaign

bleepingcomputer.com - 05/Apr 14:17

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable...

Cyber Briefing: 2026.04.07

itsecuritynews.info - 08/Apr 11:34

A series of cybersecurity developments highlights escalating threats, from ransomware groups exploiting vulnerabilities and zero-days to data breaches...

Claude Code leak used to push infostealer malware on GitHub

bleepingcomputer.com - 02/Apr 20:30

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware....

Claude Code leak used to push infostealer malware on GitHub

bleepingcomputer.com - 02/Apr 20:30

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware....

Threat Actors Exploit GitHub as C2 in Multi-Stage Attacks Attacking Organizations in South Korea

itsecuritynews.info - 07/Apr 19:34

GitHub attacked by state-sponsored hackers Cyber criminals possibly linked with the Democratic People’s Republic of Korea (DPRK) have been found...

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus

itsecuritynews.info - 01/Apr 13:11

New research from Seqrite explains the ‘dual-use dilemma,’ where ransomware attackers repurpose legitimate IT tools like IOBit Unlocker… This...

Rubriques :

Credential-Stealing OSS ‘Crystalray’ Attacks Jump 10X

Articles similaires

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

NomShub Vulnerability Chain Exposes Hidden Risks in AI Coding Tools

Hackers exploit React2Shell in automated credential theft campaign

Hackers exploit React2Shell in automated credential theft campaign

Cyber Briefing: 2026.04.07

Claude Code leak used to push infostealer malware on GitHub

Claude Code leak used to push infostealer malware on GitHub

Threat Actors Exploit GitHub as C2 in Multi-Stage Attacks Attacking Organizations in South Korea

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus

Les derniers communiqués