Security News

Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index, and the Python Software Foundation repositories. JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub.

Microsoft has provided a temporary workaround for a known issue preventing the Microsoft Photos app from launching on some Windows 11 systems. [...]

Exclusive A Microsoft zero-day exploit that Trend Micro's Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July's Patch Tuesday - but without any credit given to ZDI. The flaw, tracked as CVE-2024-38112, is in MSHTML - Microsoft's proprietary browser engine for Internet Explorer. This entire series of unfortunate events not only highlights problems with Microsoft's bug reporting program, but also the coordinated vulnerability disclosure process in general, according to Childs.

The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks. The ransomware operation was given the name SEXi based on the SEXi.txt ransom note name and the.

Microsoft has confirmed that Windows Server updates from last month's Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. "Devices which have installed Windows Server updates released June 11, 2024 might experience problems with Microsoft 365 Defender," the company explained on the Windows Server health dashboard.

According to AT&T, the threat actor accessed phone call and text message records, including which phone numbers customers interacted with and, in some cases, cell site ID numbers. AT&T first became aware of the attack on April 19 after "a threat actor claimed" to have accessed the data, according to AT&T's SEC filing about the incident.

Security researchers are claiming a spate of DNS hijackings at web3 businesses is linked to Squarespace's acquisition of Google Domains last year. According to the researchers' report, Squarespace pre-registered a bunch of email addresses it thought would be useful to have set up as domain admins following the migration without checking if the email accounts existed.

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.

The maintainers of the Exim mail transfer agent have fixed a critical vulnerability that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. CVE-2024-39929 affects Exim releases up to and including 4.97.1, and has been fixed in Exim v4.98, which was released last week.

Log Cloud is a service that provides you with a stream of more or less "Fresh" logs daily, usually in the form of a Telegram channel or a continuously updated MEGA.nz storage. These logs have usually passed through many hands and are "Worked out" for the most popular requests, but they may still contain a golden nugget if you know what you are looking for.