#Credential-theftPosts

All cybersecurity articles tagged with #credential-theft from the MINE2 expert team.

16 Posts

Tag: #Credential-theft

THREAT INTELLIGENCEAPR 10, 2026• 11 min read

One Token, Dozens of Victims: How the Anodot SaaS Integration Breach Rewrites the Third-Party Risk Playbook

ShinyHunters breached Anodot — a single SaaS analytics integration provider — and used stolen OAuth authentication...

mine2 team

→

THREAT INTELLIGENCEAPR 9, 2026• 14 min read

13 Million Tickets, One Request: How the Adobe BPO Breach Exposes the Third-Party Credential Blind Spot

A threat actor known as Mr. Raccoon allegedly walked into Adobe's support ticketing system through an Indian BPO...

mine2 team

→

THREAT INTELLIGENCEAPR 8, 2026• 11 min read

18,000 Routers, 120 Countries: How APT28's DNS Hijacking Campaign Renders Your M365 Credentials Worthless

Russia's GRU-backed APT28 (Forest Blizzard) compromised 18,000 SOHO routers across 120 countries to silently intercept...

mine2 team

→

THREAT INTELLIGENCEAPR 6, 2026• 12 min read

React2Shell CVE-2025-55182: 766 Next.js Hosts Breached in Automated Credential-Theft Wave

A CVSS 10.0 pre-auth RCE vulnerability in React Server Components has enabled an automated campaign to compromise 766...

mine2 team

→

THREAT INTELLIGENCEAPR 3, 2026• 12 min read

Kerberoasting in April 2026: Why CVE-2026-20833 Enforcement Is Not Enough Without AD Mines

Microsoft's April 2026 RC4 enforcement for CVE-2026-20833 eliminates the weakest Kerberoasting cipher — but 78% of...

mine2 team

→

THREAT INTELLIGENCEMAR 31, 2026• 13 min read

FortiClient EMS Under Fire: CVE-2026-21643 Turns Endpoint Management Into an Attacker's Credential Goldmine

A single unauthenticated HTTP request is all it takes — CVE-2026-21643 lets attackers inject SQL into FortiClient EMS...

mine2 team

→

THREAT INTELLIGENCEMAR 30, 2026• 12 min read

Langflow Under Siege: AI Pipeline RCE Exploited in 20 Hours Exposes the Hidden Credential Crisis in ML Infrastructure

CVE-2026-33017 turned every unpatched Langflow instance into an open door — unauthenticated RCE with a single HTTP...

mine2 team

→

THREAT INTELLIGENCEMAR 29, 2026• 14 min read

The Infostealer Epidemic: 642 Million Stolen Credentials Are Already Inside Your Enterprise

SpyCloud's 2026 Identity Exposure Report reveals 642.4 million exposed credentials harvested from 13.2 million...

mine2 team

→

THREAT INTELLIGENCEMAR 27, 2026• 14 min read

When Defenders' Tools Become Attack Vectors: The Management Platform Exploitation Crisis

CVE-2026-22719 in VMware Aria Operations hit CISA's KEV catalog in March 2026 — one entry in a growing catalog of...

mine2 team

→

THREAT INTELLIGENCEMAR 26, 2026• 14 min read

The AI Agent Credential Heist: How TeamPCP Weaponized LiteLLM to Loot Cloud Environments

In 72 hours, TeamPCP compromised Trivy, Checkmarx, and LiteLLM — a package downloaded 3.4 million times daily —...

mine2 team

→

PRIVILEGED ACCESS-SECURITYMAR 25, 2026• 13 min read

When Your PAM Becomes the Attack Vector: How BeyondTrust's Exploitation Exposed Every Privileged Credential

CVE-2026-1731 (CVSS 9.9) let unauthenticated attackers drain entire credential vaults from 75% of Fortune 100...

mine2 team

→

THREAT INTELLIGENCEMAR 10, 2026• 8 min read

AI Is Supercharging Credential Theft — Here's Why Honeytokens Are Your Best Early Warning

Credential theft surged 160% in 2025 with 1.8B logins stolen. AI-powered infostealers move faster than EDR can react....

mine2 team

→

THREAT INTELLIGENCEMAR 9, 2026• 6 min read

The Rise of the Digital Parasite: Why 82% of Cyberattacks Are Now Malware-Free

CrowdStrike's 2026 Global Threat Report reveals 82% of detections are malware-free. Attackers use stolen credentials...

mine2 team

→

CUSTOMER SUCCESS STORIESJAN 21, 2026• 8 min read

Customer Success: SaaS Company Prevents $2.4M Breach with Mine2 Honeytokens

When a developer's laptop was compromised via a malicious npm package, Mine2 detected credential theft in 47...

mine2 team

→

PRIVILEGED ACCESS SECURITYNOV 3, 2025• 4 min read

We Will Ensure What Happened with Uber in 2022 Won't Happen to You

Uber's 2022 breach via hardcoded PAM credentials resulted in total infrastructure takeover. Learn how Mine2's...

mine2 team

→

VULNERABILITY ANALYSISAUG 14, 2025• 3 min read

Incomplete Windows Patch Exposes NTLM Credentials Again: CVE-2025-50154 Threat Analysis

Cymulate reveals a zero-click NTLM credential leak in fully patched Windows systems, bypassing Microsoft's April 2025...

mine2 team

→

Ready to Secure Your Network?

Transform your cybersecurity posture with MINE2's advanced cyber deception platform. Detect threats before they become breaches.

Get Live Demo Contact Sales