VulnHub

Real-time Cybersecurity News

MFA Failure Enables Infostealer Breach At 50 Enterprises

Infosecurity Magazine
Actively Exploited
Exploit

Overview

A hacker group known as Zestix has successfully breached around 50 companies by exploiting a lack of multi-factor authentication (MFA). These breaches involved the use of infostealers, which are malicious programs designed to gather sensitive information from users. The absence of MFA made it easier for attackers to gain access to sensitive data without needing additional verification steps. This incident serves as a stark reminder for businesses to implement stronger security measures, as it shows how quickly attackers can exploit basic vulnerabilities. Organizations that haven't adopted MFA may find themselves at greater risk of data theft and financial loss.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: 50 enterprises, infostealer malware
  • Action Required: Implement multi-factor authentication (MFA) to enhance security against unauthorized access.
  • Timeline: Newly disclosed

Original Article Summary

Threat actor “Zestix” was able to breach around 50 firms using infostealers because they lacked multi-factor authentication

Impact

50 enterprises, infostealer malware

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Implement multi-factor authentication (MFA) to enhance security against unauthorized access.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Exploit.

Read Original Article

Related Coverage

The US NSA is using Anthropic’s Claude Mythos despite supply chain risk

Security Affairs

The National Security Agency (NSA) is reportedly using Anthropic's Claude Mythos AI model, despite warnings from the Department of Defense about potential supply chain risks. This situation raises concerns about the balance between utilizing AI for defense purposes and the inherent risks that come with integrating third-party technology. The NSA's decision blurs the lines between AI as a necessary tool for national security and the vulnerabilities that can arise from dependency on external software. As AI continues to evolve, this case illustrates the challenges faced by government agencies in ensuring the security of their technological tools while also leveraging their capabilities. The implications of such decisions may affect various sectors, particularly in how AI is adopted in sensitive environments.

Apr 21, 2026

$290 Million Kelp DAO Crypto Heist Blamed on North Korea

SecurityWeek

A significant crypto heist has taken place, resulting in a loss of approximately $290 million from Kelp DAO. The attack is attributed to North Korean hackers who exploited vulnerabilities in LayerZero’s DVN by compromising specific Remote Procedure Calls (RPCs) and launching Distributed Denial of Service (DDoS) attacks on others. This strategy forced the system to switch over to compromised infrastructure, allowing the attackers to siphon off funds. This incident raises alarms within the cryptocurrency community, highlighting the ongoing threat posed by state-sponsored hackers and the need for enhanced security measures in decentralized finance. As crypto continues to grow, incidents like this can undermine user trust and have broader implications for the market.

Apr 21, 2026

Mythos can find the vulnerability. It can’t tell you what to do about it.

CyberScoop

Anthropic has introduced a new model called Mythos that can identify vulnerabilities in software more quickly and at a lower cost than previous methods. While this capability could benefit developers and security teams by streamlining the detection of weaknesses in their systems, it does not provide guidance on how to fix these vulnerabilities. This gap means that even though vulnerabilities can be found faster, organizations still face challenges in addressing them effectively. The ongoing struggle to remediate identified issues remains a significant hurdle in cybersecurity. As companies adopt such tools, they need to ensure they have the expertise and processes in place to address vulnerabilities once they are discovered.

Apr 21, 2026

Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool

Infosecurity Magazine

Vercel, a cloud app developer, has confirmed that it faced a security breach due to a sophisticated attack that exploited a third-party tool. The details surrounding the breach remain limited, but it raises concerns regarding the safety of applications built on Vercel's platform. Users and developers relying on Vercel for their cloud services should be vigilant, as this incident highlights potential vulnerabilities in third-party integrations. The company is likely working to assess the full impact of the breach and implement necessary security measures to prevent future incidents. This situation serves as a reminder for all companies to review their security practices, especially when using external tools and services.

Apr 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

BleepingComputer

A new variant of the NGate malware is targeting Android users by disguising itself within a trojanized version of HandyPay, a legitimate mobile payment app. This malware is designed to steal NFC payment data, posing a significant risk to users who rely on their smartphones for transactions. By embedding itself in a trusted application, attackers are increasing the chances that unsuspecting users will download and use the malicious version. Users of Android devices should be cautious about installing apps from unofficial sources and ensure they are using the latest security updates to protect their sensitive financial information. The implications of this malware are serious, as it could lead to unauthorized transactions and financial loss for those affected.

Apr 21, 2026

North Korean Blamed for $290m KelpDAO Crypto Heist

Infosecurity Magazine

North Korea's Lazarus Group has been implicated in a significant cyber theft involving KelpDAO, a decentralized finance platform, with losses estimated at $290 million. This incident marks another high-profile attack linked to the notorious group, known for its involvement in various cybercrimes, including cryptocurrency thefts. KelpDAO is now facing the repercussions of this breach, which impacts not only its operations but also the broader crypto community concerned about security. The attack raises alarms about the vulnerability of decentralized finance platforms to state-sponsored hacking, emphasizing the need for enhanced security measures across the industry. As the investigation unfolds, it is crucial for crypto users and platforms to remain vigilant against such threats.

Apr 21, 2026