Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. The file in the image above contained over 36 million rows of data consisting of website URLs and the email addresses and passwords entered into them.

Passwords 360

Passwords Accountability VPN Malware 360

Troy Hunt

MARCH 4, 2020

Since launching version 2 of Pwned Passwords with the k-anonymity model just over 2 years ago now, the thing has really gone nuts (read that blog post for background otherwise nothing from here on will make much sense). They could be searching for any password whose SHA-1 hash begins with those characters. Very slick!

Passwords 311

Passwords Data breaches Risk Encryption 311

NetSpi Technical

NOVEMBER 14, 2024

Running PowerHuntShares I’ve provided more details on the GitHub page, but PowerHuntShares is a simple PowerShell script that can be downloaded and run using PowerShell 5.1 Download PowerHuntShares here. You can download the template file here , and then use it to search for things you care about using the command below.

Passwords 145

Passwords Risk Data collection Backups 145

Malwarebytes

MAY 2, 2025

If there is a cybersecurity themed day that we would like to get rid as soon as possible its world password day. To quote Microsoft : As the world shifts from passwords to passkeys, were excited to join the FIDO Alliance in leaving World Password Day behind to celebrate the very first World Passkey Day.

Passwords 80

Passwords Password Management Authentication Accountability 80

Malwarebytes

MARCH 26, 2025

Use a different password for every online account. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Enable two-factor authentication (2FA).

Phishing 115

Phishing Malware Passwords Password Management 115

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (bitdefender-download[.]com) The malware includes tools for password theft and stealthy access.”

Antivirus 120

Antivirus Malware Banking Passwords 120

Troy Hunt

MAY 20, 2022

Data breaches, 3D printing and passwords - just the usual variety of things this week. More specifically, that really cool Pwned Passwords downloader that I know a bunch of people have been waiting on, and now we've finally released.

Passwords 66

Passwords Data breaches 66

SecureList

OCTOBER 21, 2024

Kral In mid-2023, we discovered the Kral downloader which, back then, downloaded the notorious Aurora stealer. This changed in February this year when we discovered a new Kral stealer, which we believe is part of the same malware family as the downloader due to certain code similarities. That file is the Kral downloader.

Passwords 128

Passwords Malware Encryption Cryptocurrency 128

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload.

Malware 116

Malware Scams Identity Theft Antivirus 116

Security Affairs

APRIL 27, 2025

Microsoft warns that threat actor Storm-1977 is behind password spraying attacksagainst cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against cloud tenants in the education sector.

Education 74

Education Passwords Accountability Encryption 74

Malwarebytes

FEBRUARY 11, 2025

They dont crack into password managers or spy on passwords entered for separate apps. If enough victims unwittingly send their passwords, the cyber thieves may even bundle the login credentials for sale on the dark web. The lure that convinces people to download these apps varies.

Phishing 125

Phishing Passwords Mobile Authentication 125

Joseph Steinberg

JANUARY 19, 2021

Last week, shortly before Amazon took the Parler social network offline by terminating the latter’s hosting services, a hacker allegedly facilitated a download of the social media site’s data. ” Vigilantism undermines the rule of law.

Media 258

Media Government DDOS Engineering 258

Malwarebytes

JANUARY 3, 2025

If interested, the victim will receive a download link and a password for the archive containing the promised installer. The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. fr leyamor[.]com

Scams 139

Scams Identity Theft Media Accountability 139

Malwarebytes

MARCH 17, 2025

But in the background, their system has hidden malware in the file the victim has downloaded, which is capable of gathering information from the affected device such as: Personal identifying information (PII) including Social Security Numbers (SSN). Change all your passwords and do this using a clean, trusted device.

Malware 135

Malware Adware Education Phishing 135

Troy Hunt

AUGUST 29, 2023

Further, the passwords from the malware will shortly be searchable in the Pwned Passwords service which can either be checked online or via the API. Pwned Passwords is presently requested 5 and a half billion times each month to help organisations prevent people from using known compromised passwords.

Malware 360

Malware Passwords Password Management Antivirus 360

Troy Hunt

NOVEMBER 13, 2024

As I said, our IT department recently notified me that some of my data was leaked and a pre-emptive password reset was enforced as they didn't know what was leaked.    It would be good to see it as an informational notification in case there's an increase in attack attempts against my email address.

Data breaches 329

Data breaches Passwords B2B Technology 329

Malwarebytes

NOVEMBER 18, 2024

We’ve seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent.

Scams 141

Scams Antivirus Software Passwords 141

Krebs on Security

JANUARY 14, 2025

“This presents a significant potential impact as RAM can contain sensitive data (such as passwords, credentials and PII) that may have been in open documents or browser sessions and can all be recovered with free tools from hibernation files.” Unpatched.ai “It may be the first of many in 2025.”

Artificial Intelligence 292

Artificial Intelligence Social Engineering Encryption Internet 292

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. So take special care when downloading software to ensure that you are in fact getting the program from the original, legitimate source whenever possible.

Cybercrime 345

Cybercrime Passwords Authentication Malware 345

Webroot

APRIL 30, 2025

In todays digital world, passwords have become a necessary part of life. May 1, 2025, is World Password Day , a reminder that passwords are the unsung heroes of cybersecurity, the first line of defense for all your sensitive personal data. World Password Day is more relevant than ever in todays evolving threat landscape.

Passwords 62

Passwords Password Management Malware Accountability 62

Troy Hunt

NOVEMBER 19, 2020

txt" had a small number of email address and password hex pairs. I mean can we trust that both the email addresses and passwords from these alleged breaches represent actual accounts on those services? txt" and true to its name, it appears from the forgotten password email that they were never even hashed in the first place.

Passwords 364

Passwords Password Management Accountability Risk 364

SecureList

DECEMBER 23, 2024

Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor ( CVE-2018-0802 ) to download and execute malware code. It contains a formula editor exploit that downloads and runs an HTML Application (HTA) file hosted on the same C2 server.

Encryption 135

Encryption Penetration Testing Malware Phishing 135

Troy Hunt

JUNE 30, 2022

Four and a half years ago now, I rolled out version 2 of HIBP's Pwned Passwords that implemented a really cool k-anonymity model courtesy of the brains at Cloudflare. Actually, the multiple problems, the first of which is that it's just way too fast for storing user passwords in an online system.

Passwords 352

Passwords Identity Theft Consumer Services Password Management 352

Troy Hunt

MAY 29, 2024

unique passwords provided by law enforcement agencies into Have I Been Pwned (HIBP) following botnet takedowns in a campaign they've coined Operation Endgame. The only data we've been provided with is email addresses and disassociated password hashes, that is they don't appear alongside a corresponding address.

Passwords 360

Passwords Password Management Data breaches Cybercrime 360

Malwarebytes

MAY 27, 2025

While the sheer volume of exposed dataincluding emails, passwords, and authorization URLsis alarming, the real concern is not just about the exposure itself, but in how cybercriminals collect and weaponize these credentials. Infostealers have evolved beyond simple password grabbers. Use unique, complex passwords for every service.

Identity Theft 145

Identity Theft Passwords Accountability Phishing 145

Krebs on Security

SEPTEMBER 19, 2024

Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Executing this series of keypresses prompts the built-in Windows Powershell to download password-stealing malware.

Phishing 327

Phishing Scams Malware Passwords 327

Jane Frankland

MAY 16, 2025

Auto-fill Exploits: A small but critical sign when your password manager doesnt autofill it might be a scam site. He explained: There are moments that should raise red flags but dont like when your password manager doesnt autofill. Avoid reusing passwords across different services. Always stop and check the URL.

Scams 130

Scams Password Management Passwords Banking 130

Malwarebytes

APRIL 16, 2025

This is where a bot takes a password and email address that has been stolen and leaked online, and then tries those credentials across a myriad of services in the hope that its owner will have reused the password elsewhere. Don’t reuse passwords. Keep threats off your devices by downloading Malwarebytes today.

Internet 142

Internet Internet Passwords Artificial Intelligence 142

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. It steals browser passwords, cookies, and crypto wallet data.

Malware 106

Malware Scams Media Artificial Intelligence 106

The Last Watchdog

MARCH 28, 2025

Ransomware attacks typically involve tricking victims into downloading and installing the ransomware, which copies, encrypts, and/or deletes critical data on the device, only to be restored upon the ransom payment. Traditionally, the primary target of ransomware has been the victims device. .

Antivirus 147

Antivirus Ransomware Social Engineering Engineering 147

Security Affairs

NOVEMBER 26, 2024

Researchers at Elastic Security Labs analyzed the malware and confirmed it can steal keychain passwords and data from multiple browsers. We’ve archived the leak and made it available for download on GitHub.” We've archived the leak and made it available for download on GitHub.

Malware 143

Malware Cryptocurrency Encryption Passwords 143

Malwarebytes

APRIL 15, 2025

A screenshot of some of CL0P’s list of victims (other victims’ names obscured) This leak site is also where the stolen data is available for download. Malwarebytes Labs was unable to figure out how many people were affected, but the number of available archives for download is in the tenfolds. Change your password.

Data breaches 98

Data breaches Ransomware Passwords B2B 98

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. To extract cookies from Chromium-based browsers, it downloads a module from the C&C to bypass App-Bound encryption.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

SecureList

MARCH 11, 2025

In the video description is a download link to the product supposedly being advertised. The link points to a legitimate file-sharing service where a password-protected archive awaits, the password for which is also in the video description. The malware also affected a small number of users from Belarus, Kazakhstan and China.

Passwords 96

Passwords Malware Advertising Software 96

SecureList

APRIL 8, 2025

Instead of the description copied from GitHub, the visitor is presented with an imposing list of office applications complete with version numbers and “Download” buttons. io/download. Page for downloading the suspicious archive Clicking that button finally downloads a roughly seven-megabyte archive named vinstaller.zip.

Passwords 87

Passwords Cryptocurrency Software Antivirus 87

Malwarebytes

FEBRUARY 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. On these websites, cybercriminals advertise a piece of high-demand software and trick users into a download.

Malware 125

Malware Software Passwords Cryptocurrency 125

Security Affairs

OCTOBER 21, 2024

HIBP confirmed that the stolen archive had 31M records, including email address, screen name, bcrypt password hash, and timestamps for password changes. This file contained an authentication token that allowed the attacker to download the Internet Archive’s source code, which included additional credentials and tokens.

Internet 128

Internet Internet Data breaches Authentication 128