Tag

#account takeover

16 stories taggedaccount takeover.

Photoreal news-editorial style, 16:9 framing, full-frame edge-to-edge composition
Identity & Access

Spanish Startup 8Layers Has Raised $2.9 Million to Track Every Digital Identity Inside a Business

The Madrid company says its platform watches human accounts, software service accounts, and AI agents across cloud tools, then flags suspicious behaviour before it becomes a breach.

3 min
Photoreal editorial shot of a modern smartphone on a dark desk, screen showing a generic fingerprint unlock prompt glowing softly, a faint blurred laptop keyboa
Identity & Access

Passkeys Are Winning the Login Fight. Attackers Are Moving to the Verification Step.

Credential stuffing is fading as passkeys go mainstream. The next account takeover battle is happening at password resets, help desks, and identity checks.

3 min
A smartphone resting on a car dashboard at night, its screen glowing with an incoming call notification, rain-blurred streetlights visible through the windscree
Threat Intelligence

Fake DoorDash Calls Are Draining Delivery Drivers' Wallets

Criminals are posing as DoorDash support staff, tricking gig workers into handing over account details, then quietly emptying their earnings. One driver lost $21,000.

3 min
Full frame, photoreal news-editorial image of a laptop screen showing a generic corporate sign-in code entry page in a dimly lit office, with a smartphone besid
Identity & Access

Fake Teams Invites Are Tricking Microsoft 365 Users Into Handing Over Their Accounts

A phishing crew is skipping the fake login page and walking victims straight through Microsoft's own device sign-in flow.

4 min
Photoreal editorial shot of a dimly lit open-plan office at night, a single monitor glowing with an abstract email inbox interface, soft blue and amber light, s
AI Security

Behavioral AI vs. modern email attacks: what a vendor webinar actually promises

A live session pitches behavioral analysis as the answer to phishing, BEC and account takeover. Here's what that means in plain English, and where the hard parts still sit.

3 min
Threat Intelligence

SSU, FBI Detail Russian Phishing Op Targeting Signal and Telegram Accounts

Ukrainian counterintelligence says GRU and FSB-linked operators ran fake tech-support flows against officials' messengers across Ukraine, Europe, and the U.S.

2 min
Identity & Access

Account Takeovers Still Outrunning Detection, Vendors Push Behavioral AI as Answer

Compromised credentials remain the cheapest entry point on criminal marketplaces. A new webinar argues behavioral models, not static rules, are the only way to close the gap.

2 min
Identity & Access

Third DraftKings Credential-Stuffing Conspirator Sentenced to 18 Months

Nathan Austad gets a year and a half in federal prison, plus $1.8 million in forfeiture and restitution, closing out the last of the DraftKings account-takeover prosecutions.

2 min
AI Security

Email security teams are buried in alerts. Behavioral AI vendors say they have an answer.

Phishing, BEC and account takeover noise keeps SOCs busy. A new webinar pitches behavioral detection as the way to cut through it.

3 min
Policy & Regulation

Mastra npm Namespace Hit: 145 Packages Tampered After Contributor Account Hijack

Researchers tracking the 'easy-day-js' supply chain incident say a single compromised maintainer account was sufficient to push malicious versions across the @mastra/* registry footprint.

2 min
AI Security

Someone Wallpapered the @mastra npm Namespace With Malicious Builds

A hijacked maintainer account pushed 144 booby-trapped packages across the Mastra AI framework before anyone noticed. The attacker called it 'easy-day-js.' It was.

2 min
Identity & Access

Behavioral AI Pitched as Triage Layer for Phishing and ATO Floods

A vendor webinar argues that pattern-learning models can cut investigation time on BEC and account takeover incidents. The harder question: what does that mean for breach-notification timelines?

3 min
Breaches

Tchap Account Takeover Exposes 73,000 French Government Users

France's sovereign messaging platform wasn't broken — a user was. Social engineering got an attacker inside, and unencrypted public rooms did the rest.

2 min
Threat Intelligence

World Cup 2026 Phishing Infrastructure Is Already Stood Up

Lookalike FIFA domains, trojanized streaming apps, and credential harvesters are live weeks before kickoff. The pattern is familiar; the scale isn't.

3 min
AI Security

Meta's AI Support Bot Handed Out Password Resets to Anyone Who Asked Nicely

A pro-Iran Telegram channel published a walkthrough showing how Instagram's conversational recovery assistant could be talked into linking attacker-controlled email addresses to target accounts. The Obama White House and a senior U.S. Space Force account were briefly defaced.

3 min
© 2026 Threat Vectr