Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
News
Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar
Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within...
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain,...
81% of US Small Businesses Affected by Data Breaches: Security Measures on the Rise
In a concerning trend, 81% of US small businesses faced data breaches last year, compelling many to ramp up their...
Surge in Malware Attacks: 236% Increase Targeting Government Sector
The government sector is witnessing a troubling 236% surge in malware attacks, highlighting an urgent need for enhanced cybersecurity measures....
Emeraldwhale Attack Exposes Misconfigured Git Configurations and 15,000 Credentials
The Emeraldwhale attack has revealed vulnerabilities in misconfigured Git configurations, leading to the theft of over 15,000 cloud service credentials....
Chinese Hackers Breach Canadian Government Networks: A Growing Cyber Threat
Chinese-sponsored hackers have compromised at least 20 Canadian government networks over the past four years, raising alarms about national security....
Xiu Gou Phishing Kit Targets Users in US and Worldwide with Unique Mascot
The Xiu Gou phishing kit is a new cyber threat targeting users in the US, UK, Australia, Japan, and Spain,...
North Korean Hackers’ First Collaboration with Play Ransomware
A North Korean-backed hacking group has taken a significant step by engaging in a ransomware campaign, marking a notable shift...
LottieFiles Issues Warning About Compromised “lottie-player” npm Package
LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to...
New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics
Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its...
Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities
In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as "the...
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat...
Midnight Blizzard Spearphishing Campaign Exposes Thousands to RDP Threats
The Midnight Blizzard spearphishing campaign poses a serious threat, targeting thousands with malicious RDP files and information-stealing tactics. Microsoft has...
FakeCall Malware: New Vishing Threats Targeting Mobile Devices
The rise of FakeCall malware introduces a sophisticated vishing threat, putting mobile device security at risk. Understanding this malware is...
CISA Unveils Its First International Cybersecurity Strategy
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural international strategic plan aimed at enhancing global collaboration in...
Apple Security Update: Critical Patches for macOS and iOS Vulnerabilities
Apple has implemented vital security updates across its operating systems, enhancing protection against vulnerabilities in macOS and iOS. On October...
LiteSpeed Cache Plugin Vulnerability Exposes Admin Access Risk
A newly discovered LiteSpeed Cache plugin vulnerability allows unauthorized users to gain admin access, impacting over 6 million WordPress sites....
Over Half of US County Websites Are Vulnerable to Spoofing
Security concerns are ringing alarm bells as an alarming report reveals that many US county websites are at risk of...
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play,...
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information
A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access...
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information...
Embarking on a Compliance Journey? Here’s How Intruder Can Help
Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the...
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed...
