CISA shares postmortem of GitHub credential leak
CISA credentials and code were uploaded to a public repository on a contractor’s personal GitHub account in May.
Aggregating 7483 articles from trusted cybersecurity sources
CISA credentials and code were uploaded to a public repository on a contractor’s personal GitHub account in May.
Angelo John Martino III, a former ransomware negotiator for DigitalMint, was sentenced to 70 months in jail for deceiving his employer’s clients and conspiri...
Post-quantum HTTPS may expose browser, cookie and TLS proxy security gaps.
The incident occurred after a contributor's abusive behavior reportedly led to some members leaving the project.
The supply-chain attack was detected by application security companies Socket, Ox Security, and StepSecurity via version 1.20.
In a rare combined cybersecurity/squid post, a twenty-nine-year-old squid proxy bug can leak HTTP requests. As usual, you can also use this squid post to tal...
Zimbra addressed a critical stored XSS vulnerability in its Classic Web Client that lets malicious emails execute code when opened. Zimbra has released versi...
Attackers pose as IT and tell employees to enroll an MS passkey, but the bad guys register their own key and take over the user.
Karen Vardanyan faces up to 15 years in federal prison and agreed to pay nearly $1.2 million in restitution.
The law known as Chat Control 2.0 passed in the European Parliament, permitting companies like Google, Meta and Microsoft to scan users' messages to hunt for...
A major credential leak spurred the Cybersecurity and Infrastructure Security Agency to strengthen protections for its sensitive materials, improve how resea...
The breach, which occurred on February 7 and was disclosed on February 12, affected 6.2 million Odido customers.
The breach, which Miinto reported to the police and data protection authorities, may have compromised customer names, email addresses, physical addresses, an...
The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunicatio...
Authorities launch Operation First Light 2026, attackers deploy Forg365 to hijack Microsoft accounts, and rival cyberspies breach Pakistani police networks.
When done correctly, regulations can help companies restore operations quickly and maintain trust after a breach.
Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA b...
AssuranceAmerica discovered unauthorized access to its systems on March 17, concluding its investigation on June 15.
AssuranceAmerica confirmed a breach exposing nearly 7 million driver’s licenses after hackers compromised an employee account and stole customer data. U.
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs. The post 12 Million Impacted by Data Breach at Jap...
AssuranceAmerica, a U.S.
A threat actor on a prominent cybercrime forum has claimed responsibility for leaking data allegedly belonging to Nike and Alcon, posting the purported datas...
American insurance company AssuranceAmerica has disclosed a data breach impacting nearly 7 million drivers after attackers gained access to its systems earli...