Clone2Leak attacks exploit Git flaws to steal credentials
A set of three distinct but related attacks, dubbed ‘Clone2Leak,’ can leak credentials by exploiting how Git and its credential…
A set of three distinct but related attacks, dubbed ‘Clone2Leak,’ can leak credentials by exploiting how Git and its credential…
Attackers who infiltrated Change Healthcare using unsecured account credentials were not only able to exfiltrate individuals’ names, birthdates, home and…
UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack,…
UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data…
Nearly 1,000 fake Reddit and WeTransfer pages are being used to spread Lumma Stealer malware, a Sekoia.io researcher reported this…
Zyxel is warning that a bad security signature update is causing critical errors for USG FLEX or ATP Series firewalls, including putting…
Microsoft has reminded Windows administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18,…
A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account…
Security researchers have discovered an arbitrary account takeover flaw in Subaru’s Starlink service that could let attackers track, control, and hijack vehicles in…
A threat actor targeted low-skilled hackers, known as “script kiddies,” with a fake malware builder that secretly infected them with…