Skip to content
Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it… 

Read More »Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

Feb 28, 2025Ravie LakshmananAPI Security / AI Security Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence… 

Read More »Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security… 

Read More »12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Feb 28, 2025Ravie LakshmananFinancial Fraud / Cyber Espionage The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware… 

Read More »Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus