#session-hijacking
5 articles
Over nine articles published between April 11 and May 15, 2026, ZCyberNews covered session-hijacking activity. The threat actors Gremlin Stealer and Storm-2755 were observed, with CVE-2022-23961 (CVSS 6.1) and CVE-2026-5084 among the top vulnerabilities. Affected sectors included cryptocurrency, finance, financial services, hr, and information technology, with Canada as the primary region. The coverage comprised six high-severity and two medium-severity incidents.
HIGHGremlin Stealer Evolves: Crypto Clipping, Session Hijacking, Packed
Unit 42 details a new Gremlin stealer variant using XOR-encrypted resource sections, crypto clipper, WebSocket session hijacking, and a commercial packer with instruction...
HIGHCVE-2026-5084: WebDyne Session IDs Generated with Weak MD5/rand()
CVE-2026-5084: WebDyne::Session through 2.075 for Perl generates session IDs from an MD5 hash seeded with rand(), enabling session prediction and hijacking.
MEDIUMThruk Monitoring XSS Flaw CVE-2022-23961 Lets Attackers Hijack
CVE-2022-23961 (CVSS 6.1) in Thruk Monitoring through 2.46.3 enables unauthenticated reflected XSS via the login field, risking session theft for admins.
HIGH108 Malicious Chrome Extensions Hijack Browsers, Steal Google and Telegram Data
Socket identified 108 malicious Chrome extensions that infected 20,000 users, stealing Google and Telegram session cookies and injecting ads via a shared command-and-control server.
HIGHStorm-2755 Hijacks Payroll via AiTM Attacks
Financially motivated group Storm-2755 targets Canadian employees using AiTM session hijacking to redirect salary payments.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.