Tag: data exfiltration
146 articles

GoSerpent Malware Evolves with Advanced Data Exfiltration Tactics
In late 2025, a new wave of malicious activity emerged, led by the evolved GoSerpent malware, which has been quietly lurking in the shadows since at least 2021. This stealthy backdoor has upgraded its data exfiltration tactics, putting organizations on high alert.

macOS Malware Exploits User Trust to Steal Sensitive Data
Beware of a sneaky new macOS malware that tricks you into stealing your own sensitive data - all it needs is for you to paste a single command into Terminal. Dubbed ClickLock Stealer, this clever con artist has already duped at least 100 victims across 33 countries.

FBI Traces Scattered Spider Hacker via Persistent Windows Device ID
In a brazen ransom email, the attackers boldly declared, "IMPORTANT: WE STOLE THE DATA, CONTACT UMMEDIATELY," leaving no doubt about their malicious intentions. The hackers infiltrated the retailer's network through a clever help-desk ploy, tricking staff into resetting passwords and gaining control of critical accounts.

Opera GX Flaw Enables Sites to Auto-Install Malicious Mods
A critical flaw in Opera GX allowed websites to secretly install malicious customization mods, which could then siphon sensitive data from other sites you visited - and it took a $5,000 bounty and a May 8 patch to fix the issue. This sneaky exploit let attackers install mods without your consent, putting your online security at risk.

TrojPix Exploits Video Cables to Leak Air-Gapped Data
Meet TrojPix, a sneaky technique that can stealthily siphon air-gapped data at lightning-fast speeds of up to 1 megabyte per second - fast enough to exfiltrate a 100MB file in under two minutes while the monitor appears dark and inactive.

Microsoft Warns AI Agents Can Leak Data via Poisoned Tool Descriptions
A single line of plain text can unwittingly turn a helpful AI agent into a stealthy data thief, exposing sensitive information through a vulnerability in the Model Context Protocol (MCP). This fast-growing attack surface has Microsoft warning of a potentially disastrous trust boundary breach.
UK Cyber Monitoring Centre Probes Canvas Breach Impact
The UK's Cyber Monitoring Centre is investigating a massive breach of Canvas, a popular learning management system, that exposed sensitive data at nearly 160 UK universities and colleges, as part of a global incident affecting around 9,000 educational institutions. The breach was caused by a notorious cybercrime group that exploited vulnerabilities on April 29 and again on May 7.

Microsoft 365 Copilot Flaw Exposes Sensitive Data to One-Click Attack
A single click on a seemingly trustworthy Microsoft link could have put sensitive information like emails, calendar details, and files at risk of being exposed to attackers, thanks to a flaw in Microsoft 365 Copilot Enterprise Search. This vulnerability, known as SearchLeak, highlights the importance of staying vigilant even with trusted sources.

Microsoft 365 Copilot Exploited in 1-Click Data Theft Attack
A critical vulnerability in Microsoft 365 Copilot Enterprise, known as SearchLeak, could be exploited with just one click to steal sensitive data from mailboxes, OneDrive, and SharePoint. Fortunately, Microsoft has patched the flaw, CVE-2026-42824, and no user action is required to stay safe.

OpenAI Bolsters ChatGPT with Lockdown Mode to Curb Data Exfiltration Risks
OpenAI is stepping up ChatGPT's security game with Lockdown Mode, a powerful setting that limits connections to the web and external services to prevent data exfiltration - a game-changer for those handling sensitive information. This advanced feature is now rolling out to eligible accounts, offering stricter protection guarantees.

Cyber Extortion Economy Shifts Away From Ransomware Encryption
The cyber extortion landscape is undergoing a seismic shift, with threat actors ditching ransomware encryption in favor of data-only extortion - and they're moving at lightning speed, with one case seeing data exfiltration in just 39 seconds. This trend is driven by improved backup and recovery methods, leaving attackers to focus on stealing sensitive data.

Cybercriminals Impersonate IT Personnel in Targeted Attacks
Cybercriminals are now masquerading as IT personnel to launch targeted attacks, with the FBI warning that law firms and professional sectors are prime targets. This new tactic allows groups like the Silent Ransom Group to swiftly access and exfiltrate sensitive data, often without encrypting systems.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks
Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

Hackers Exploit Human Behavior to Bypass Security Tools
As cyber threats evolve at an alarming rate, hackers are exploiting human behavior to outsmart security tools, forcing organizations to rethink their defensive strategies. With identity abuse and data extortion on the rise, businesses must stay ahead of the game to protect themselves.

Gremlin Stealer Evolves with Advanced Evasion Tactics
In just 12 months, the Gremlin stealer malware has transformed from a basic credential harvester to a sophisticated modular toolkit that can stealthily siphon sensitive information from compromised systems. Its latest variant now specifically targets Chromium-based browsers, making it an even more formidable threat.

West Pharmaceutical hit by cyberattack, data stolen
West Pharmaceutical Services suffered a significant cybersecurity breach on May 4, 2026, when hackers infiltrated their systems, encrypting certain data and making off with sensitive information, prompting a formal investigation. The company confirmed the severity of the attack three days later, on May 7.

GemStuffer Exploits RubyGems to Exfiltrate UK Council Data
Meet GemStuffer, a sneaky campaign that's hijacking the RubyGems registry to steal sensitive data, including information from a UK council, by hiding scraped content within seemingly harmless package files. Over 150 malicious gems have been used to store and exfiltrate this data, exposing it to anyone who knows where to look.

Ransomware Evolves With Post-Quantum Encryption, New Extortion Tactics
Ransomware attacks may be on the decline, but don't let your guard down - attackers are getting smarter, ditching encryption, and selling stolen data, with the manufacturing sector alone losing a whopping $18 billion in just three quarters. The threat may have evolved, but the damage and risk remain very real.

Trigona Ransomware Exploits Custom Tool for Swift Data Exfiltration
Trigona ransomware attackers have unleashed a custom-built, command-line tool that turbocharges data theft, allowing them to siphon off sensitive information with lightning speed and razor-sharp efficiency. This potent tool is the latest weapon in their arsenal, enabling faster and more efficient data exfiltration from compromised environments.

Malicious Docker Images Compromise Checkmarx Supply Chain
Malicious Docker images compromised the Checkmarx supply chain by embedding a tampered KICS binary that secretly collected and sent sensitive data to an external endpoint. This sneaky data-exfiltration risk put users at risk, thanks to an altered scan report generated by the poisoned image.

Malicious Chrome Extensions Exfiltrate User Data
Malicious actors have hijacked 108 Google Chrome extensions, quietly harvesting user data and turning every webpage into a playground for ad injection and code execution - putting around 20,000 users at risk. This sneaky campaign, discovered by cybersecurity researchers, uses a single command-and-control system to wreak havoc on unsuspecting browsers.

Hackers Exploit Microsoft 365 Mailbox Rules to Conceal Post-Breach Activity
Hackers are exploiting a sneaky vulnerability in Microsoft 365 mailbox rules to hide their tracks, siphon sensitive data, and maintain a backdoor into compromised accounts. This stealthy tactic allows attackers to fly under the radar, making it even harder to detect and stop them.

Researchers bypass Grafana AI with stealthy data exfiltration technique
Imagine a tool meant to reveal operational insights being turned into a stealthy spy, siphoning off sensitive corporate secrets - that's what happened when researchers exploited Grafana's AI with a cunning technique called indirect prompt injection. Dubbed GrafanaGhost, this attack bypasses Grafana's defenses, exfiltrating data without leaving a digital trail.

Malicious AI Gateway Exposes Data Through Supply Chain Breach
A recent analysis of LiteLLM, a popular AI gateway, revealed a supply chain breach that embedded malicious code designed to steal sensitive data, highlighting the vulnerability of even the most trusted components. This breach turned a multifunctional gateway meant to enhance AI agents into a vector for data theft, putting countless users at risk.