Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds
SonicWall said that a threat actor has accessed files containing encrypted credentials and configuration data for all customers who have used its cloud backup service
Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment
EMERALDWHALE breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials
Evasive Panda’s CloudScout uses MgBot to steal session cookies, infiltrating cloud data in Taiwan
Sysdig said the attackers gained access to these credentials from a vulnerable version of Laravel
Harvesting API keys and secrets from AWS SES, Microsoft Office 365 and other services