Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > Credential Theft
#Credential Theft

Supply Chain Attack Backdoors 233 Laravel-Lang Package Versions Across 700 GitHub Repositories

25 May 2026  |  dark6  |  Malware

Attackers exploited GitHub's tagging system to inject credential-stealing PHP backdoors into 233 versions of Laravel-Lang packages, silently targeting developer cloud keys, SSH credentials, and CI/CD secrets across 700...

>> read more

Gremlin Stealer Evolves: New Variant Hides C2 URLs in Encrypted Resources and Adds Discord Token Theft

21 May 2026  |  dark6  |  Malware

A newly analyzed Gremlin stealer variant hides C2 URLs inside XOR-encrypted .NET resource sections, making it invisible to static scanners. The malware now targets Discord tokens and adds...

>> read more

Claude Code’s Five-Month Network Sandbox Bypass Silently Exposed Developer Credentials and Source Code

21 May 2026  |  dark6  |  Vulnerability

Anthropic's Claude Code harbored a critical SOCKS5 null-byte injection sandbox bypass for over five months, allowing attackers to silently exfiltrate developer credentials, source code, and API keys. The...

>> read more

Four Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets in Coordinated Supply Chain Attack

19 May 2026  |  dark6  |  Malware

Four malicious npm packages have been discovered stealing SSH keys, cloud credentials, cryptocurrency wallets, and environment variables, with one variant also deploying a DDoS botnet. The campaign uses...

>> read more

84 TanStack npm Packages Poisoned in Sophisticated Supply-Chain Attack Stealing Cloud and CI Credentials

15 May 2026  |  dark6  |  Cybercrime

Attackers compromised 84 npm artifacts across 42 TanStack packages — including react-router with 12M+ weekly downloads — injecting a credential-stealing payload via chained GitHub Actions abuse. Organizations that...

>> read more

Microsoft Edge Stores Your Entire Password Vault in Cleartext Process Memory — Every Session

5 May 2026  |  dark6  |  Privacy

Security researcher @L1v1ng0ffTh3L4N has revealed that Microsoft Edge decrypts all stored passwords into plaintext process memory at browser launch and keeps them there for the entire session. Unlike...

>> read more

AccountDumpling: Vietnamese Phishing Ring Abuses Google AppSheet and Telegram to Harvest 30,000 Facebook Accounts

4 May 2026  |  dark6  |  Phishing

A sophisticated phishing operation called AccountDumpling has compromised around 30,000 Facebook accounts by routing lures through legitimate platforms including Google AppSheet, Netlify, and Vercel to bypass email security...

>> read more

CORDIAL SPIDER and SNARKY SPIDER Deploy AiTM Pages to Breach SharePoint, HubSpot, and Google Workspace

2 May 2026  |  dark6  |  Phishing

Two threat groups are deploying adversary-in-the-middle phishing pages combined with voice phishing to bypass MFA and hijack enterprise SaaS sessions. Operating entirely within trusted cloud environments, the campaigns...

>> read more