Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...

FortiBleed campaign used custom FortiGate sniffer to steal credentials

Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to ...

How Artists Taught An EY Avatar To Be More Human

EY receives 400,000 job applications every year. Selecting the best employees—fairly, and at scale—turned out to require both ...
Developer Tech

AI agent breaches Fedora software supply chain

A rogue AI agent using compromised developer credentials breached the Fedora software supply chain and merged defective code ...

124 million passwords added to breach database. Yours may be in there, too

Have I Been Pwned has added 56 million email addresses and 124 million passwords collected from infostealer malware to its ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have.

Hackers Just Hit a State Wildlife Database in a Massive Security Breach. Experts Warn Others Could Be Next

State officials have confirmed that a major vendor breach exposed driver's licenses and passport numbers. Cybersecurity ...
techtimes

Credential Stuffing Risk Spikes: 24 Billion Stolen Passwords Linked to Live Exploit Data

Security researchers at Cybernews discovered on June 12 what they describe as one of the largest credential databases ever left exposed online — a publicly accessible Elasticsearch cluster holding 24 ...

A Glimpse into the “Search Your Target” Market for Stolen Credentials

Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how ...

124 Million Unique Passwords Exposed In New Infostealer Log Dataset

A new collection of 124 million unique passwords from hundreds of millions of malware stealer log records has been confirmed ...