Git Vulnerabilities Led to Credentials Exposure

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.

SecurityWeek – ​Read More

Do We Really Need The OWASP NHI Top 10?

The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. 
Non-human identity security represents an emerging

The Hacker News – ​Read More

Scammers Are Creating Fake News Videos to Blackmail Victims

“Yahoo Boy” scammers are impersonating CNN and other news organizations to create videos that pressure victims into making blackmail payments.

Security Latest – ​Read More

Change Healthcare Data Breach Impact Grows to 190 Million Individuals

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals.

SecurityWeek – ​Read More

TalkTalk investigating data breach after hacker claims theft of customer data

A hacker claims to be selling the data of 18.8 million TalkTalk customers, but the telecoms giant says this figure is ‘significantly overstated’

Security News | TechCrunch – ​Read More

GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities.
The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.

The Hacker News – ​Read More

MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC.
“MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file,”

The Hacker News – ​Read More

INE Security Alert: Expediting CMMC 2.0 Compliance

Cary, North Carolina, 26th January 2025, CyberNewsWire

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks

A high-severity security flaw has been disclosed in Meta’s Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. 
The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a

The Hacker News – ​Read More

UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans

UnitedHealth Group has confirmed that a ransomware attack targeted its subsidiary, Change Healthcare, in February 2024, impacting 190…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More