home.social

#password — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #password, aggregated by home.social.

  1. Credential Stealer EKZ Delivered via FortiClient EMS Exploitation

    Attackers exploited CVE-2026-35616 in FortiClient EMS. Threat actors changed EMS settings and pushed a malicious VPN script to endpoints. The script downloaded EKZ Infostealer, disguised as a Fortinet patch. The malware steals browser passwords, cookies, and autofill data.

    Pulse ID: 6a1879e13827c581e8b73eb4
    Pulse Link: otx.alienvault.com/pulse/6a187
    Pulse Author: cryptocti
    Created: 2026-05-28 17:22:41

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Cookies #CyberSecurity #Endpoint #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #Password #Passwords #VPN #Word #bot #cryptocti

  2. Credential Stealer EKZ Delivered via FortiClient EMS Exploitation

    Attackers exploited CVE-2026-35616 in FortiClient EMS. Threat actors changed EMS settings and pushed a malicious VPN script to endpoints. The script downloaded EKZ Infostealer, disguised as a Fortinet patch. The malware steals browser passwords, cookies, and autofill data.

    Pulse ID: 6a1879e15c8f2d2d2cf72b60
    Pulse Link: otx.alienvault.com/pulse/6a187
    Pulse Author: cryptocti
    Created: 2026-05-28 17:22:41

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Cookies #CyberSecurity #Endpoint #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #Password #Passwords #VPN #Word #bot #cryptocti

  3. Credential Stealer EKZ Delivered via FortiClient EMS Exploitation

    Attackers exploited CVE-2026-35616 in FortiClient EMS. Threat actors changed EMS settings and pushed a malicious VPN script to endpoints. The script downloaded EKZ Infostealer, disguised as a Fortinet patch. The malware steals browser passwords, cookies, and autofill data.

    Pulse ID: 6a1879e2d85be08873d89445
    Pulse Link: otx.alienvault.com/pulse/6a187
    Pulse Author: cryptocti
    Created: 2026-05-28 17:22:42

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Cookies #CyberSecurity #Endpoint #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #Password #Passwords #VPN #Word #bot #cryptocti

  4. Credential Stealer EKZ Delivered via FortiClient EMS Exploitation

    Attackers exploited CVE-2026-35616 in FortiClient EMS. Threat actors changed EMS settings and pushed a malicious VPN script to endpoints. The script downloaded EKZ Infostealer, disguised as a Fortinet patch. The malware steals browser passwords, cookies, and autofill data.

    Pulse ID: 6a187a5035303b62f8e49196
    Pulse Link: otx.alienvault.com/pulse/6a187
    Pulse Author: cryptocti
    Created: 2026-05-28 17:24:32

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Cookies #CyberSecurity #Endpoint #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #Password #Passwords #VPN #Word #bot #cryptocti

  5. Credential Stealer EKZ Delivered via FortiClient EMS Exploitation

    Attackers exploited CVE-2026-35616 in FortiClient EMS. Threat actors changed EMS settings and pushed a malicious VPN script to endpoints. The script downloaded EKZ Infostealer, disguised as a Fortinet patch. The malware steals browser passwords, cookies, and autofill data.

    Pulse ID: 6a187acb35f351993fe5e76b
    Pulse Link: otx.alienvault.com/pulse/6a187
    Pulse Author: cryptocti
    Created: 2026-05-28 17:26:35

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Cookies #CyberSecurity #Endpoint #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #Password #Passwords #VPN #Word #bot #cryptocti

  6. A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure

    JINX-0164, a financially motivated threat actor active since mid-2025, has been conducting sophisticated campaigns against cryptocurrency organizations. The actor employs LinkedIn-based social engineering, posing as recruiters or business partners to deliver custom macOS malware including AUDIOFIX (a Python-based infostealer and RAT) and MINIRAT (a lightweight Go backdoor). Their operations focus on compromising developer endpoints to steal cryptocurrency wallet credentials, cloud secrets, and GitHub tokens. The attackers then pivot to CI/CD infrastructure, injecting malicious code into repositories to enable lateral movement. In April 2026, they executed a supply chain attack by trojanizing the npm package @velora-dex/sdk. The group masks activity using VPN services and demonstrates advanced capabilities including credential harvesting from password managers, browser extensions, and development tools.

    Pulse ID: 6a181e409d755171f4ac356c
    Pulse Link: otx.alienvault.com/pulse/6a181
    Pulse Author: AlienVault
    Created: 2026-05-28 10:51:44

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Cloud #CredentialHarvesting #CyberSecurity #Endpoint #GitHub #InfoSec #InfoStealer #LinkedIn #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #Password #Python #RAT #SocialEngineering #SupplyChain #Trojan #VPN #Word #bot #cryptocurrency #AlienVault

  11. Laravel Lang Compromised with RCE Backdoor Across 700+ Versions

    Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.

    Pulse ID: 6a1187d92cdbfd79095008cd
    Pulse Link: otx.alienvault.com/pulse/6a118
    Pulse Author: AlienVault
    Created: 2026-05-23 10:56:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault

  16. Android Trojan Abuses Commercial Rooting Tool and Steals Private Information

    Rootnik is an Android trojan that exploits vulnerabilities in Android 4.3 and earlier by weaponizing a Chinese commercial rooting tool called Root Assistant. The malicious operation spreads through repackaged legitimate applications distributed globally, affecting users primarily in the United States, Malaysia, Thailand, Lebanon and Taiwan. After installation, Rootnik gains root access using stolen exploits, installs four persistent APK files to the system partition, and performs aggressive app promotion campaigns. The trojan silently installs and uninstalls applications, downloads and executes code remotely, and harvests sensitive data including WiFi passwords, location information, device identifiers, and MAC addresses. The malware maintains command and control infrastructure through multiple domains and generates revenue through aggressive advertising that interrupts user activity regardless of the current application.

    Pulse ID: 6a123f4adef80b0c4d8ccd35
    Pulse Link: otx.alienvault.com/pulse/6a123
    Pulse Author: AlienVault
    Created: 2026-05-23 23:59:06

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APK #Android #Chinese #CyberSecurity #InfoSec #Mac #Malware #OTX #OpenThreatExchange #Password #Passwords #RAT #Thailand #Trojan #UnitedStates #Word #bot #AlienVault

  21. On #Linux, the #Bitwarden desktop app does not allow unlocking with #biometrics on first access (unlike on #Windows / #macOS). You have to enter the master #password every time you restart 😅

    If it bothers you too, vote for this feature 👉 community.bitwarden.com/t/linu

  26. CVE-2026-34474: Pre-auth #credential disclosure in #ZTE #H298A / #H108N via #ETHCheat... The short version: an ETHCheat branch returns credential-bearing #HTML before #authentication. The captured fields include the #admin #password, WLAN PSK, and ESSID, and a companion wizard #endpoint #exposes serial data.

    #cybersecurity #cybersec #security #exploited

  29. [Translation] Salt and Pepper in Password Security

    Data security has become a top priority for any web resource today. Password hashing is the baseline standard for protecting accounts. This process turns confidential characters into an irreversible code. Without it, a database leak would instantly compromise users. However, plain hashing is not enough because of the threat of fast hacker attacks. For protection, developers use a "salt": random data added to the password. The downside of a salt is that it is stored next to the hash and does not protect against powerful brute-forcing. That is where the "pepper", hidden in the server code, comes to the rescue. Its main problem is the high risk of losing access to all accounts if the secret key itself is compromised. This article will help you understand the evolution of cryptographic protection methods. You will learn how to correctly combine these tools for reliable authentication.

    habr.com/ru/companies/spring_a

    #java #kotlin #hash #cryptography #spring #spring_boot #spring_framework #spring_security #security #password

  30. [Перевод] Соль и перец в безопасности паролей

    Безопасность данных сегодня стала главным приоритетом для любого веб-ресурса. Базовым стандартом защиты учетных записей является хеширование паролей. Этот процесс превращает конфиденциальные символы в необратимый код. Без него утечка базы данных мгновенно скомпрометирует пользователей. Однако обычного хеширования недостаточно из-за угрозы быстрых хакерских атак. Для защиты разработчики применяют «соль» (salt) — случайные данные, добавляемые к паролю. Минус соли в том, что она хранится рядом с хешем и не спасает от мощного перебора. Тогда на помощь приходит «перец» (pepper), скрытый в коде сервера. Его главная проблема — высокий риск потерять доступ ко всем аккаунтам при компрометации самого секретного ключа. Эта статья поможет вам разобраться в эволюции методов криптографической защиты. Вы узнаете, как правильно комбинировать эти инструменты для надежной аутентификации.

    habr.com/ru/companies/spring_a

    #java #kotlin #hash #cryptography #spring #spring_boot #spring_framework #spring_security #security #password

  31. [Перевод] Соль и перец в безопасности паролей

    Безопасность данных сегодня стала главным приоритетом для любого веб-ресурса. Базовым стандартом защиты учетных записей является хеширование паролей. Этот процесс превращает конфиденциальные символы в необратимый код. Без него утечка базы данных мгновенно скомпрометирует пользователей. Однако обычного хеширования недостаточно из-за угрозы быстрых хакерских атак. Для защиты разработчики применяют «соль» (salt) — случайные данные, добавляемые к паролю. Минус соли в том, что она хранится рядом с хешем и не спасает от мощного перебора. Тогда на помощь приходит «перец» (pepper), скрытый в коде сервера. Его главная проблема — высокий риск потерять доступ ко всем аккаунтам при компрометации самого секретного ключа. Эта статья поможет вам разобраться в эволюции методов криптографической защиты. Вы узнаете, как правильно комбинировать эти инструменты для надежной аутентификации.

    habr.com/ru/companies/spring_a

    #java #kotlin #hash #cryptography #spring #spring_boot #spring_framework #spring_security #security #password

  32. [Translation] Salt and pepper in password security

    Data security has become the top priority for any web resource today. Password hashing is the baseline standard for protecting accounts. This process turns confidential characters into an irreversible code. Without it, a database leak instantly compromises users. However, plain hashing is not enough because of the threat of fast hacker attacks. For protection, developers use a "salt": random data added to the password. The downside of a salt is that it is stored next to the hash and does not protect against powerful brute forcing. That is where "pepper" comes to the rescue, hidden in the server code. Its main problem is the high risk of losing access to all accounts if the secret key itself is compromised. This article will help you understand the evolution of cryptographic protection methods. You will learn how to combine these tools correctly for reliable authentication.

    habr.com/ru/companies/spring_a

    #java #kotlin #hash #cryptography #spring #spring_boot #spring_framework #spring_security #security #password

  33. Abuse of Microsoft Entra ID for Microsoft 365 and Azure Data Theft

    The threat actor Storm-2949 conducted a sophisticated cloud infrastructure campaign, gaining extensive access across IaaS, PaaS and SaaS layers. The attacker targeted identity and control plane access leveraging legitimate features like Self Service Password Reset and Azure VM extensions to blend in with normal administrative activity.

    Pulse ID: 6a10b2bb7e136892a411ff5a
    Pulse Link: otx.alienvault.com/pulse/6a10b
    Pulse Author: cryptocti
    Created: 2026-05-22 19:47:07

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Azure #Cloud #CyberSecurity #DataTheft #ELF #ESET #InfoSec #Microsoft #OTX #OpenThreatExchange #Password #RAT #Word #bot #cryptocti

  34. Abuse of Microsoft Entra ID for Microsoft 365 and Azure Data Theft

    The threat actor Storm-2949 conducted a sophisticated cloud infrastructure campaign, gaining extensive access across IaaS, PaaS and SaaS layers. The attacker targeted identity and control plane access leveraging legitimate features like Self Service Password Reset and Azure VM extensions to blend in with normal administrative activity.

    Pulse ID: 6a10b2bb7e136892a411ff5a
    Pulse Link: otx.alienvault.com/pulse/6a10b
    Pulse Author: cryptocti
    Created: 2026-05-22 19:47:07

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Azure #Cloud #CyberSecurity #DataTheft #ELF #ESET #InfoSec #Microsoft #OTX #OpenThreatExchange #Password #RAT #Word #bot #cryptocti

  35. Abuse of Microsoft Entra ID for Microsoft 365 and Azure Data Theft

    The threat actor Storm-2949 conducted a sophisticated cloud infrastructure campaign, gaining extensive access across IaaS, PaaS and SaaS layers. The attacker targeted identity and control plane access leveraging legitimate features like Self Service Password Reset and Azure VM extensions to blend in with normal administrative activity.

    Pulse ID: 6a10b2bb7e136892a411ff5a
    Pulse Link: otx.alienvault.com/pulse/6a10b
    Pulse Author: cryptocti
    Created: 2026-05-22 19:47:07

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Azure #Cloud #CyberSecurity #DataTheft #ELF #ESET #InfoSec #Microsoft #OTX #OpenThreatExchange #Password #RAT #Word #bot #cryptocti