Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

OwnCloud MFA credential-theft advisory

Advisory/Mitigation
First reported
Last updated
Happening score
H score 24
1 unique sources, 1 articles

Summary

Hide ▲

ownCloud issued an urgent MFA advisory after reports that attackers reused stolen credentials to access self-hosted file-sharing accounts without multi-factor protection. The company said its platform was not hacked or breached and that the activity did not involve zero-day exploits or other platform vulnerabilities. Users were told to reset passwords, invalidate active sessions, and review access logs to cut off unauthorized access to ownCloud Community Edition and other deployments.

Related Happenings

PCPJack credential theft framework worms across exposed cloud infrastructure

Malware Activity
First: 08.05.2026 12:00 Last: 08.05.2026 12:00 Sources 1

About this happening: The **PCPJack** malware activity is extending a **credential-theft** operation across **exposed cloud infrastructure**, stripping **TeamPCP** artifacts and stealing access from se...

Open Happening

PCPJack TeamPCP-targeting cloud credential theft campaign

Campaign
First: 08.05.2026 12:00 Last: 08.05.2026 12:00 Sources 1

About this happening: A new **PCPJack** campaign is targeting **TeamPCP victims** by **worming across exposed cloud infrastructure**, creating a fresh risk of credential theft and unauthorized reuse of...

Open Happening

SonicWall MySonicWall cloud backup breach exposing firewall backup files

Data Leak
First: 29.01.2026 19:57 Last: 29.01.2026 19:57 Sources 1

About this happening: **SonicWall** said a **state-sponsored threat actor** stole **firewall configuration backup files** from its **MySonicWall cloud backup service** in a **September** security breac...

Open Happening

PcComponentes hit by cyberattack

Incident
First: 21.01.2026 22:55 Last: 21.01.2026 22:55 Sources 1

About this happening: **PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...

Open Happening

Publicly exposed training apps as recurring cloud-entry risk across security vendors

Target Trend
First: 21.01.2026 16:00 Last: 21.01.2026 16:00 Sources 1

About this happening: **Cybersecurity training apps** left exposed on the public Internet are creating a recurring **cloud-entry risk** for **security vendors and enterprise users**. A scan identified...

Open Happening

Timeline

  1. 07.01.2026 16:34 2 articles · 4mo ago

    ownCloud issues MFA and password-reset advisory

    Mitigation Patch Update

    ownCloud warned users to enable Multi-Factor Authentication (MFA) and to reset passwords, invalidate active sessions, and review access logs after saying its platform was not hacked or breached and that attackers had reused compromised credentials rather than exploiting a platform vulnerability.

    Show sources
    Open in new tab
  2. 05.01.2026 02:00 1 articles · 4mo ago

    Hudson Rock reports credential-theft access chain

    Technical Analysis Update

    Hudson Rock reported credential-theft intrusions against self-hosted file-sharing servers, including some ownCloud Community Edition instances, where attackers used credentials stolen by infostealer malware such as RedLine, Lumma, and Vidar from infected employee devices.

    Show sources
    Open in new tab