CSO Online

Five Chrome extensions caught hijacking enterprise sessions

Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and enabling account takeover across popular enterprise HR and ERP platforms.
Security Boulevard

The New ATO Playbook: Session Hijacking, MFA Bypass, and Credential Abuse Trends for 2026

Account takeover didn’t disappear — it evolved Account takeover (ATO) and credential abuse aren’t new.What’s changed is how attackers do it and why many traditional defenses no longer catch it early.
Hosted on MSN

16 Billion Passwords Leaked: Why Blockchain-Based Identity Matters Now

In June 2025, cybersecurity researchers confirmed the largest password leak in internet history. Over 16 billion unique credentials, including passwords, session tokens, cookies, and metadata, were ...
Security

Web Forms Are Financial Services’ Most Dangerous Blind Spot

Financial institutions rely on web forms to capture their most sensitive customer information, yet these digital intake points remain chronically undersecured. As threat actors exploit injection ...
JD Supra

Inside CyberCX’s 2025 DFIR Report: MFA Failures and Espionage Risks Revealed

The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America ...