Skip to content
cyber security news today Page 8

cyber security news today

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The… 

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Nov 01, 2024Ravie LakshmananThreat Intelligence / Network Security Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech… 

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns

Nov 01, 2024Ravie LakshmananData Security / Artificial Intelligence Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it’s taking the time to improve the experience. The development was… 

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000… 

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

Oct 31, 2024Ravie LakshmananSpyware / Mobile Security Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its functionality, but also incorporates destructive capabilities to prevent… 

LottieFiles Issues Warning About Compromised “lottie-player” npm Package

LottieFiles Issues Warning About Compromised “lottie-player” npm Package

Oct 31, 2024Ravie LakshmananCryptocurrency / Software Development LottieFiles has revealed that its npm package “lottie-player” was compromised as part of a supply chain attack, prompting it to release an updated version of the library. “On… 

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Oct 31, 2024Ravie LakshmananVulnerability / Website Security A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious…