Security News

Web hosting giant GoDaddy says unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment. While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used to redirect to random domains, the attackers had access to the company's network for multiple years.

DOUG. Patching bugs, hacking Reddit, and the early days of computing. Like in the LastPass breach and the recent GitHub breach, source code got stolen, along with a bit of other stuff.

A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. In a new security advisory, Emsisoft warned that one of its customers was targeted by hackers using an executable signed by a spoofed Emsisoft certificate.

The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "Experienced a security incident" leading to some CHS data being compromised. A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.

Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems.Pepsi Bottling Ventures is the largest bottler of Pepsi-Cola beverages in the United States, responsible for manufacturing, selling, and distributing popular consumer brands.

The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.A10 Networks specializes in the manufacturing of software and hardware application delivery controllers, identity management solutions, and bandwidth management appliances, while it also offers firewall and DDoS threat intelligence and mitigation services.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

Popular social news website and forum Reddit has been breached and the attacker "Gained access to some internal docs, code, as well as some internal dashboards and business systems," but apparently not to primary production systems and user data."Exposure included limited contact information for company contacts and employees, as well as limited advertiser information. Based on several days of initial investigation by security, engineering, and data science, we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit's information has been published or distributed online," said Reddit CTO Christopher Slowe, who goes online by the handle "KeyserSosa".

Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "Sophisticated and highly-targeted phishing attack" that took place on February 5, 2023, targeting its employees.

Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code. The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site.