#credential-stuffing
5 articles
This archive collects 6 articles tagged credential-stuffing published between April 14, 2026 and May 4, 2026. Coverage includes 3 high, and 3 medium reports. Individual reports below detail the specific incidents, affected systems, and recommended mitigations for security teams tracking this topic.
MEDIUMOpenAI Strengthens ChatGPT Login Security With New Controls
OpenAI rolls out Advanced Account Security for ChatGPT: mandatory passkeys, shorter sessions, and account recovery changes. Affects all users globally.
HIGHSMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks in ThreatsDay
Fake cell towers blast scam texts; OpenEMR flaws expose patient data; 600,000 Roblox accounts hacked via credential stuffing. A busy week in cyber threats.
HIGHIdentity-Based Attacks Dominate Breaches as Attackers Bypass Exploits
The Hacker News reports identity-based attacks, using stolen credentials and MFA bypass, are the dominant initial access vector in modern breaches, rendering sophisticated exploits unnecessary for initial entry.
MEDIUMDraftKings Credential Seller Sentenced to Prison for Continued Fraud
Kamerin Stokes, a participant in the 2022 DraftKings credential stuffing attack, has been sentenced to time served and three years of supervised release for continuing to sell stolen accounts after pleading guilty.
MEDIUMMan Sentenced to Prison for Selling Hacked DraftKings Accounts
Kamerin Stokes was sentenced to 30 months in prison for selling access to tens of thousands of compromised DraftKings accounts, causing over $600,000 in losses.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.