A type of cyberattack where stolen username-password pairs are automatically injected into login forms to gain unauthorized access to user accounts across multiple services.