Who needs #phishing when your credentials are already for sale online?
No need to impersonate anyone. No need to send fake emails. Your access is just sitting out there, ready to use. That’s exactly how cybercriminal group #UNC5537 managed to breach a #Mandiant account — the cybersecurity firm owned by #Google. No sophisticated attack, no magic code. Just stolen credentials bought off underground markets. And it’s not an isolated case: over 100 companies have been affected.
All the stolen data came from infostealer bots like #Lumma and #Racoon, which infect devices and grab everything — usernames, passwords, tokens — and sell them to whoever wants them. In many cases, they even bypass two-factor authentication, especially if the second factor is weak or interceptable.
That’s the real problem: we still think #cybersecurity means building a higher wall. But here, the enemy walks right through the front door — because they already have the key. The only real defense is changing the model. Static passwords aren’t enough anymore. Systems that don’t analyze the context of each login are wide open. And if they can breach Mandiant, none of us should feel safe.
What we really need is #culture, #culture, #culture — not just tougher security software walls.
Culture teaches us to manage passwords properly and reduce these risks.
