News

This worrying Git flaw could lead to users leaking credentials

Security researcher finds related attacks and dubbed them Clone2Leak This allowed threat actors to leak credentials through ...
Bleeping Computer

GitHub accounts stolen in ongoing phishing attacks

GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. Besides taking over their ...
Hosted on MSN

Git Tools Patched to Address Credential Vulnerabilities: Update Now

Two recent security issues with Git and its related tools have been fixed, so users should update their software. The vulnerabilities, CVE-2024-53263 and CVE-2024-53858, involve issues with credential ...
Bleeping Computer

GitHub rotates keys to mitigate impact of credential-exposing flaw

GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. This unsafe ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...