Forget Santa, HP Warns Hackers Are Coming For Your Cookies

HP Threat Research just issued a new security report detailing a growing trend by attackers towards hijacking session cookies as an alternative means to tried-and-true credential theft. The reason hackers are finding a bigger appetite for sessions cookies is because today's hybrid work environment has led to changes that make stealing cookies more appealing than the old way of doing things.

Citing its 2025 Work Relationship Index, HP says one in five employees now work flexibly across office, home, and mobile environments. Meanwhile, enterprises are increasingly moving their core infrastructures to the cloud for the convenience of managing IT chores with a web browser, rather than utilizing on-premise domain controllers. This has led to a change in the way threat attackers breach organizations.

"Rather than steal credentials, attackers are now increasingly focusing on stealing authentication cookies. In this type of attack, a threat actor no longer needs to steal ...