Slack’s private GitHub code repositories stolen over holidays
Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. [...]
Toyota, Mercedes, BMW API flaws exposed owners’ personal info
Security analysts disclosed severe API security flaws impacting numerous car makers, enabling them to access vehicle owner information, take over…
BitRAT malware campaign uses stolen bank data for phishing
Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures…
BleepingComputer’s most popular cybersecurity stories of 2022
It was a big year for cybersecurity in 2022 with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns,…
Extracting Encrypted Credentials From Common Tools
Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.
Google Home speakers allowed hackers to snoop on conversations
A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely…
Hackers abuse Google Ads to spread malware in legit software
Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.…
Why Attackers Target GitHub, and How You Can Secure It
The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.
Hackers bombard PyPi platform with information-stealing malware
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to…
Researcher Bypasses Akamai WAF
Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code.