Tag: credential theft

The $262 Million Security Theater: How MFA Failures and Three‑Year‑Old Passwords Fueled a Global Infostealer Breach

A single criminal campaign has exposed a structural weakness at the heart of modern enterprise security: organizations are spending heavily on advanced tools while still allowing three‑year‑old stolen passwords to unlock terabytes of their most sensitive data. Over roughly a year, a threat actor known as Zestix (aka Sentap) quietly breached about 50 global enterprises…

January 11, 2026
How One Access Broker Quietly Breached Dozens of Global Enterprises—And Exposed the Limits of Traditional Security

A single criminal operating under the aliases Zestix and Sentap has quietly breached dozens of major global enterprises not by exploiting advanced zero‑day vulnerabilities, but by doing something far simpler: logging in with valid usernames and passwords stolen from employees’ own devices. This campaign exposes a fundamental weakness in modern corporate security strategies—an overreliance on…

January 11, 2026

Hushvault