GitHub code-signing certificates stolen (but will be revoked this week)
Credit to Author: Paul Ducklin| Date: Tue, 31 Jan 2023 11:35:30 +0000
There was a breach, so the bad news isn’t great, but the good news isn’t too bad…
Read moregithub
A week in security (January 16—22)
Categories: News Tags: Google Tags: Rust Tags: Chromium Tags: Mailchimp Tags: SweepWizard Tags: bossware Tags: TikTok Tags: surveillance firm Tags: Voyager Labs Tags: TracketPacer Tags: Facebook Tags: Instagram Tags: Vice Society Tags: Liquor Control Board of Ontario Tags: Zoho ManageEngine Tags: GitHub Tags: LastPass Tags: Git flaw Tags: ransomware Tags: credit card fraud The most interesting security related news from the week of January 16-22. |
The post A week in security (January 16—22) appeared first on Malwarebytes Labs.
Read moreA week in security (January 9—15)
Categories: News Tags: AWIS Tags: weekly blog roundup Tags: week in security Tags: Slack Tags: GitHub Tags: Magecart Tags: Microsoft Tags: Pokemon NFT Tags: Facebook Tags: Instagram Tags: Snapchat Tags: TikTok Tags: YouTube Tags: Google Tags: Meta Tags: identity theft Tags: Maternal & Family Health Services Tags: 2023 predictions Tags: Royal Mail Tags: K-12 security Tags: K-12 Tags: WhatsApp Tags: NSO Group Tags: Department of Interior Tags: weak passwords Tags: Vice Society Tags: ransomware. Vice Society ransomware The most interesting security related news from the week of January 9—15. |
The post A week in security (January 9—15) appeared first on Malwarebytes Labs.
Read moreSlack private code on GitHub stolen
Categories: News Tags: Slack Tags: GitHub Tags: data breach Tags: Slack breach Tags: compromised tokens Stolen employee tokens gave an attacker access to Slack’s private code repositories. |
The post Slack private code on GitHub stolen appeared first on Malwarebytes Labs.
Read moreOkta breached last month, no customers compromised
Categories: News Tags: Okta Tags: GitHub Tags: Auth0 Okta’s code repository on GitHub has been accessed by an unauthorized third party, but there’s no reason for customers to worry |
The post Okta breached last month, no customers compromised appeared first on Malwarebytes Labs.
Read moreTikTok “Invisible Challenge” porn malware puts us all at risk
Credit to Author: Paul Ducklin| Date: Tue, 29 Nov 2022 17:58:21 +0000
An injury to one is an injury to all. Especially if the other people are part of your social network.
Read moreFake Proof-of-Concepts used to lure security professionals
Categories: Exploits and vulnerabilities Categories: News Tags: PoC Tags: PoCs Tags: Leiden Tags: GitHub Tags: VirusTotal Tags: AbuseIPDB Researchers from Leiden University analyzed many thousands of Proof-of-Concepts and found that 10 percent of those they found on GitHub are malicious |
The post Fake Proof-of-Concepts used to lure security professionals appeared first on Malwarebytes Labs.
Read moreUpdate now! GitLab issues critical security release for RCE vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: GitLab Tags: RCE Tags: CVE-2022-2884 Tags: GitHub Tags: import GitLab has released important security fixes to patch for an RCE vulnerability, known as CVE-2022-2884. |
The post Update now! GitLab issues critical security release for RCE vulnerability appeared first on Malwarebytes Labs.
Read moreS3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
Credit to Author: Paul Ducklin| Date: Thu, 11 Aug 2022 14:34:09 +0000
Latest episode – listen now! (Or read the transcript if you prefer.)
Read moreGitHub blighted by “researcher” who created thousands of malicious projects
Credit to Author: Paul Ducklin| Date: Wed, 03 Aug 2022 23:06:28 +0000
If you spew projects laced with hidden malware into an open source repository, don’t waste your time telling us “no harm done” afterwards.
Read more