"Hackers Steal 15,000 Cloud Credentials From Exposed Git Config Files"

"Hackers Steal 15,000 Cloud Credentials From Exposed Git Config Files"

An operation named "EmeraldWhale" has led to the theft of over 15,000 cloud account credentials from thousands of private repositories by scanning for exposed Git configuration files. The campaign, discovered by researchers at Sysdig, uses automated tools to scan IP ranges for exposed Git configuration files, which may contain authentication tokens. Hackers behind the operation then use the tokens to download repositories stored on GitHub, GitLab, and BitBucket, which are scanned for additional credentials.

Submitted by Gregory Rigby on

"Canadian Government Data Stolen By Chinese Hackers"

"Canadian Government Data Stolen By Chinese Hackers"

According to the Canadian Centre for Cyber Security's 2025-2026 "National Cyber Threat Assessment," Chinese state-sponsored threat actors have maintained access to at least 20 Canadian government networks for four years to steal valuable data. The Cyber Centre reported that the threat actors targeted information to advance the Chinese Communist Party's (CCP) strategic, economic, and diplomatic interests as well as gain an advantage in China-Canada bilateral relations and commercial matters.

Submitted by Gregory Rigby on

"Over a Thousand Online Shops Hacked to Show Fake Product Listings"

"Over a Thousand Online Shops Hacked to Show Fake Product Listings"

Since 2019, a phishing campaign named "Phish n' Ships" has infected over 1,000 legitimate online stores to promote fake product listings for rare items. Those who click on those products are redirected to a network consisting of hundreds of fake web stores that steal their personal information and money. HUMAN's Satori Threat Intelligence discovered that the malicious campaign has affected hundreds of thousands of consumers and cost tens of millions of dollars. This article continues to discuss findings regarding the Phish n' Ships campaign.

Submitted by Gregory Rigby on

"Ransomware Hits Web Hosting Servers via Vulnerable CyberPanel Instances"

"Ransomware Hits Web Hosting Servers via Vulnerable CyberPanel Instances"

A threat actor has targeted about 22,000 vulnerable CyberPanel instances and encrypted files on the servers that run it using PSAUX and other ransomware. CyberPanel is a popular open source control panel for managing servers used to host websites. This article continues to discuss findings regarding the massive ransomware attack targeting vulnerable CyberPanel instances.

Help Net Security reports "Ransomware Hits Web Hosting Servers via Vulnerable CyberPanel Instances"

Submitted by Gregory Rigby on

"Ex-Disney Employee Charged With Hacking Menu Database"

"Ex-Disney Employee Charged With Hacking Menu Database"

The former Disney employee was arrested and charged with hacking the company's systems and changing restaurant menus. Michael Scheuer, a former Disney menu production manager, was charged with three Computer Fraud and Abuse Act (CFAA) violations. Scheuer's work credentials still functioned after his termination, allegedly allowing him to log into the Disney menu creation system contracted by a third-party company. This article continues to discuss the incident.

Submitted by Gregory Rigby on

"LiteSpeed Cache WordPress Plugin Bug Lets Hackers Get Admin Access"

"LiteSpeed Cache WordPress Plugin Bug Lets Hackers Get Admin Access"

The free version of the popular WordPress plugin LiteSpeed Cache recently fixed a dangerous privilege elevation flaw with its latest update that could allow unauthenticated site visitors to gain admin rights.  LiteSpeed Cache is a caching plugin used by over six million WordPress sites, helping to speed up and improve user browsing experience.  Security researchers at Patchstack discovered the high-severity flaw  CVE-2024-50550.

Submitted by Adam Ekwall on

"Mystic Valley Elder Services Data Breach Impacts 87,000 People"

"Mystic Valley Elder Services Data Breach Impacts 87,000 People"

Mystic Valley Elder Services (MVES) recently announced that it suffered a data breach that affected many individuals. The company is a Massachusetts-based non-profit that provides health and other services to the elderly and people with disabilities.

Submitted by Adam Ekwall on

"Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution"

"Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution"

Yahoo’s vulnerability research team has recently identified nearly a dozen flaws in OpenText’s NetIQ iManager product, including some that could have been chained for unauthenticated remote code execution.  The research team discovered 11 vulnerabilities that could have been exploited individually for cross-site request forgery (CSRF), server-side request forgery (SSRF), remote code execution (RCE), arbitrary file upload, authentication bypass, file disclosure, and privilege escalation.

Submitted by Adam Ekwall on

"Government Sector Suffers 236% Surge in Malware Attacks"

"Government Sector Suffers 236% Surge in Malware Attacks"

According to security researchers at SonicWall, global threat actors have been ramping up attacks on government targets, with a triple-digit annual increase in malware-driven attempts to compromise victims in the first three months of the year.  Alongside the 236% year-on-year (YoY) increase in Q1 2024, the researchers recorded a 27% annual increase in government attacks in the month leading up to the US election.  The researchers claimed that recorded DDoS attacks are on track to surpass last year’s figure by 32%.

Submitted by Adam Ekwall on
Subscribe to