Dozens of Major Data Breaches Linked to Single Threat Actor
The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. The post Dozens of Major Data Breaches Linked to Single Threat Actor appeared first on SecurityWeek.
Several major data breaches are linked to a threat actor who relies on stolen credentials to compromise enterprise networks, Hudson Rock reports.
Operating under the moniker ‘Zestix’ but also linked to the online persona ‘Sentap’, the threat actor is an initial access broker (IAB) who was also seen exfiltrating victim data and selling it on hacker forums.
According to Hudson Rock, Zestix emerged as a distinct entity in late 2024-early 2025, but its activities can be linked to Sentap operations that have been ongoing since 2021.
Source: https://www.securityweek.com/dozens-of-major-data-breaches-linked-to-single-threat-actor/
Related breach coverage
- Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms2026-02-10
China-linked UNC3886 targeted all four major telecom providers, but did not disrupt services or access customer information. The post Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms appeared first on SecurityWeek.
- Notepad++ Supply Chain Hack Conducted by China via Hosting Provider2026-02-02
The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers. The post Notepad++ Supply Chain Hack Conducted by China via Hosting Provider appeared first on SecurityWeek.
- Data Stolen in Eurofiber France Hack2025-11-18
A threat actor exploited a vulnerability, exfiltrated data, and attempted to extort Eurofiber. The post Data Stolen in Eurofiber France Hack appeared first on SecurityWeek.
- Google Warns of New Campaign Targeting BPOs to Steal Corporate Data2026-04-09
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO. The post Google Warns of New Campaign Targeting BPOs to Steal Corporate Data appeared first on SecurityWeek.