ZeroCrumb is a tool that bypasses Chrome's Elevation Service to extract app-bound credentials and cookies. It uses Transacted Hollowing to impersonate a Chrome instance and decrypt keys, allowing access to sensitive data. Users can implement it as a library and customize it for other credential types.

The article features a live hacking demonstration by Kyle Hanslovan, former NSA operative and Huntress CEO. He showcases how hackers can exploit Microsoft 365, bypass MFA, and compromise systems in under 10 minutes using tactics like social engineering and credential theft.

Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.