#credential-exposure

[ follow ]
#npm #cloudflare #waf-bypass #acme-protocol #supply-chain-attack #self-replicating-worm #secret-scanning
Information security
fromTechzine Global
1 week ago

Cloudflare vulnerability made every host accessible

A Cloudflare WAF bypass allowed ACME path requests to reach origin servers, exposing credentials and tokens until Cloudflare implemented a permanent fix.
Information security
fromCyberScoop
2 months ago

Shai-Hulud worm returns stronger and more automated than ever before

A self-replicating worm trojanized nearly 500 npm packages, exposing over 26,000 GitHub repositories and enabling widespread credential theft and automated propagation.
Information security
fromInfoQ
3 months ago

HashiCorp Warns Traditional Secret Scanning Tools Are Falling Behind

Traditional secret scanning tools fail to prevent secret exposure; prevention-first integration across developer tools, CI/CD pipelines, and incident response is required.
Information security
fromThe Hacker News
3 months ago

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Widespread compromise of SonicWall SSL VPN devices enabled attackers to rapidly access multiple customer environments using valid credentials.
Information security
fromThe Hacker News
5 months ago

Malicious Nx Packages in 's1ngularity' Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Malicious nx and supporting plugins were published to npm, containing code that harvested credentials, scanned file systems, and exfiltrated data to GitHub repositories.
Privacy technologies
fromHackernoon
2 years ago

xonPlus Launches Real-Time Breach Alerting Platform For Enterprise Credential Exposure | HackerNoon

xonPlus launches a digital risk alert system to help teams detect credential exposures in real-time before attackers can exploit them.
[ Load more ]