top of page


Enterprise Security Tech
A cybersecurity resource for CxOs
Search


Nearly 150 Million Stolen Logins Exposed Online in Massive Infostealer Data Leak
A massive trove of stolen login credentials, totaling nearly 150 million unique usernames and passwords, was recently found sitting exposed on the open internet, underscoring just how industrialized and fragile the modern credential theft ecosystem has become. The cache, uncovered by cybersecurity researcher Jeremiah Fowler at ExpressVPN , contained more than 149 million records and roughly 96 gigabytes of raw data. The database was neither encrypted nor protected by a passwo
Jan 25


Grubhub Confirms Data Breach as Hackers Demand Extortion Using Stolen SaaS Credentials
Food delivery giant Grubhub is investigating a data breach that has escalated into what sources describe as an extortion attempt, underscoring how stolen SaaS credentials can reverberate across companies months after an initial compromise. The company confirmed that attackers accessed parts of its internal systems and downloaded data, but declined to specify when the intrusion occurred, whose information was involved, or whether ransom demands are underway. In a statement, G
Jan 19


Stolen Credentials, Not Zero Days: How a Tennessee Hacker Breached Supreme Court Systems and Bragged on Instagram
A Tennessee man has admitted to repeatedly breaching some of the federal government’s most sensitive digital systems, a case that underscores how fragile legacy authentication practices remain even at the highest levels of U.S. institutions. Court records show that 24 year old Nicholas Moore of Springfield, Tennessee, pleaded guilty on Friday to unlawfully accessing the U.S. Supreme Court’s electronic filing system more than two dozen times. Prosecutors say the intrusions oc
Jan 19


Alleged Target Source Code Leak Puts Retailer’s Internal Systems in the Crosshairs
Cybercriminals are attempting to sell what they claim is a massive cache of internal source code linked to Target, igniting fresh concern over how quietly sensitive development systems can be exposed without triggering alarms. The episode surfaced after a previously unknown threat actor posted on a well known underground forum, advertising what was described as sensitive development files allegedly taken from the US retail giant. To bolster the claim, the actor briefly publi
Jan 13


LinkedIn Phishing Scams Hijack Public Comments, Using AI to Impersonate Platform Support
A wave of LinkedIn phishing attacks is exploiting the platform’s own public comment sections, blurring the line between legitimate support messages and outright fraud in a way that security researchers say marks a new phase in social engineering. The campaign surfaced earlier this week when researchers and targeted users began warning that bot-like accounts were replying directly to posts while impersonating LinkedIn itself. The fake comments claim the recipient has violated
Jan 13


The Aftermath of the Instagram 'Breach'
A flood of unexpected Instagram password reset emails has left millions of users wondering whether their accounts were quietly compromised or if something else is unfolding behind the scenes. Meta insists there was no breach of Instagram’s systems and that accounts remain secure. Security researchers are not so quick to dismiss the risks. The confusion stems from reports that a dataset tied to roughly 17.5 million Instagram users is circulating on cybercrime forums. Malwareby
Jan 13
bottom of page