Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

/in

A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications.
“Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived credentials, and absence

The Hacker News – ​Read More

Biotech Company Hacked in 2023 Pays States $4.5 Million Over Breached DataThousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer DataThousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Dat...