Systemic Ransomware Events in 2025 – How Jaguar Land Rover Showed What a Category 3 Supply Chain Breach Looks Like

DumpBrowserSecrets is a publicly documented post‑exploitation tool that harvests browser-stored credentials and session tokens from Chromium- and Gecko-based browsers on Windows by using techniques including headless Chromium spawning, Early Bird APC DLL injection to leverage the IElevator COM interface (bypassing App‑Bound Encryption), DPAPI/NSS handling, and various evasion measures; it outputs structured JSON useful for lateral movement or cloud account takeover and includes detection and mitigation guidance.