Identity Exposure
Dashlane explains how attackers managed to download encrypted password vaults

The team at Dashlane shared a full report on how bad actors managed to grab these encrypted files from their cloud storage systems.

Stealing Entry Keys

The trouble started when hackers stole special digital keys, called session tokens, from the personal computers of several employees.

These digital keys acted like a permanent hall pass that let the hackers bypass normal login checks and two-factor safety codes.

By using these stolen passes, the attackers could trick the system into thinking they were authorized workers with permission to view internal data.

How the Data was Taken

Once inside the internal dashboard, the hackers used a specific tool designed for customer support to find and download the password files.

While the files are still locked with a master password that only the user knows, having the files gives hackers a chance to try and crack them offline.

Dashlane officials confirmed that the hackers did not get into the core database where the most sensitive user information lives.

The company has now forced all employees to log out and updated their digital key system to make sure this specific trick cannot be used again.

Protecting internal entry keys is just as important as building strong locks for the data itself.

Patch Accountability
Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

These computer tools have found flaws that were hidden for many years in the code that different companies use to build their products.

Who Fixes the Problem

A big debate is growing about whether the people who made the original code or the companies currently using it should be the ones to fix it.

Experts from companies like Checkmarx say that finding these flaws is easier now, but the actual work of fixing them is still very slow.

If a company uses code from another group, it is often hard to decide who is responsible for paying to clean up the mess.

The Risk of Old Code

Many organizations rely on very old software that has not been checked for safety in a long time.

Criminals can also use these same smart tools to find the same weak spots and use them to break into business networks.

Security leaders are worried that without clear rules, many of these newly found flaws will stay open for a long time.

Teams must decide who owns the job of fixing old code before bad actors can use it to cause harm.

๐Ÿ“บ๏ธ Podcast
Supply Chain Attacks: Open Source or Open Door?

Industrialized Phishing Operations

The latest threat intelligence reveals a significant shift in how attackers harvest corporate credentials through a sophisticated infrastructure known as the "Mythos" family. These large-scale phishing kits allow low-skilled criminals to deploy convincing login pages that bypass traditional security filters and capture sensitive user data at an industrial pace.

Bypassing Modern Identity Defenses

This generation of phishing tools specifically targets multi-factor authentication by using adversary-in-the-middle techniques. Instead of just stealing passwords, the attackers intercept active session tokens in real time. This method allows them to impersonate legitimate employees and gain full access to corporate cloud environments without needing to provide a second safety code.

Scaling Through Threat Automation

Cybersecurity experts warn that the developers behind these kits are constantly updating their software to evade detection by security vendors. By treating their malicious tools like a legitimate software-as-a-service business, they provide customer support and regular updates to their buyers, making it easier for automated attacks to stay one step ahead of corporate defenders.

AI Worms
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

These programs are called adaptive worms, and they use built-in reasoning to change their behavior based on what they find inside a computer.

The Rise of Autonomous Threats

Traditional computer bugs follow a strict list of instructions written by a hacker, which makes them easier for security software to spot and block.

This new threat acts more like an independent agent by reading local corporate documents, checking email threads, and inventing new ways to trick workers.

Researchers at safety groups like Ben-Gurion University demonstrated that these systems can steal information and infect new machines entirely on their own.

Bypassing Regular Defenses

Because these digital programs change their tactics every time they move, standard defensive tools cannot find a fixed pattern to stop them.

The software can rewrite its own code on the fly, allowing it to hide inside normal business traffic and mimic the typing styles of actual employees.

Security leaders are worried that these self-directing programs could quickly overwhelm IT departments by attacking multiple parts of a business at the same time.

Defenders must find new ways to stop self-thinking malware before these automated systems can find and exploit hidden network connections.

Automation Risks
Beware the 'son of Mythos,' security experts warn

The alert focuses on a rapid shift in machine-driven hacking capabilities following the wider release of highly restricted defensive research models.

The Power of Chaining Flaws

The core threat stems from a massive expansion of automated testing tools like Anthropic's specialized bug-hunting engine, Claude Mythos.

Gunter Ollmann from the security firm Cobalt explained that these new systems do not just look for single mistakes in computer code like traditional scanners do.

Instead, the advanced models can automatically link multiple small, low-risk software issues together to create a single, highly destructive attack chain without any human assistance.

An Expanding Global Race

While the original tool remains limited to a small group of vetted corporate groups, competing technology teams across the globe are building similar automated testing systems.

Paul Chichester from the United Kingdom's National Cyber Security Centre noted that international rivals are only a few months behind in creating identical testing setups.

As these advanced platforms become cheaper and easier to use, security experts warn that traditional risk scoring metrics will quickly become irrelevant for corporate defense teams.

Enterprise technology executives must adapt their operations for an environment where hidden system vulnerabilities are found and exploited at machine speed.

Software Liability
Why writing software has become dangerous today

The Volume vs. Human Review

The sheer amount of computer code entering modern workspaces has completely outgrown what human teams can realistically check for safety errors.

Between artificial intelligence code assistants generating text, package managers pulling in updates, and third-party tools connecting systems together, data flows too fast for manual review.

Experts note that engineers have not become sloppy or lazy; rather, the math of reading every single line of automated software has become impossible.

Losing Direct System Control

When a security error happens inside modern software, it is often due to the strange ways different automated tools talk to each other outside of human sight.

Because code generators, local services, and cloud models continuously build on top of each other, understanding the entire combined system has become incredibly difficult.

This shift means that engineering environments are constantly changing throughout the day, creating new network connections before a security team can double-check them.

Building software safely now requires new tools that can help humans understand and validate massive amounts of machine-made code in real time.

Stay safe!

Eyal Estrin, Author @ CSec Weekly