Security News > 2024 > November > Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
2024-11-01 10:27
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,
News URL
https://thehackernews.com/2024/11/massive-git-config-breach-exposes-15000.html
Related news
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms (source)
- ADT discloses second breach in 2 months, hacked via stolen credentials (source)
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)
- Gang gobbles 15K credentials from cloud and email providers' garbage Git configs (source)