Cybersecurity experts at Cybernews have uncovered an astonishing trove of 16 billion login credentials - likely pulled via “infostealer” malware - now circulating on the dark web. These records include a mix of usernames, fresh passwords, authentication tokens, session cookies, and metadata.
Security researchers emphasize that many of these credentials are recently stolen, not just recycled from dated breaches, which amplifies the threat level. Targeted platforms include major services such as Google, Apple, Facebook, Telegram, GitHub, and even some government portals.
Experts warn this dataset is a “blueprint for mass exploitation,” and its scale could fuel a wave of phishing attacks, account takeovers, and identity theft.
What you need to do now:
Change all your passwords, especially those used across multiple sites.
Enable multi-factor authentication, preferably using an authenticator app or device-based passkeys instead of SMS.
Scan your devices for malware, particularly to check for infostealer infections.
news.com.au
Use unique, strong passwords and consider a password manager to help.
Monitor your accounts closely for suspicious activity, emails, or unauthorized login attempts.
Stay tuned to KRLD.com as we monitor responses from cybersecurity agencies and major tech platforms regarding remediation and ongoing protective measures.
LISTEN on the Audacy App
Tell your Smart Speaker to "PLAY 1080 KRLD"
Sign Up to receive our KRLD Insider Newsletter for more news
Follow us on Facebook | Twitter | Instagram | YouTube