Feuding Ransomware Groups Leak Each Other's Data
When 0APT and KryBit attacked each other, they exposed infrastructure and operational data, giving defenders rare insight into ransomware operations.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
When 0APT and KryBit attacked each other, they exposed infrastructure and operational data, giving defenders rare insight into ransomware operations.
A total of 91,403 sessions targeted public LLM endpoints to find leaks in organizations' use of AI and map an expanding attack surface.
Researchers discovered more than 550 unique secrets exposed in Visual Studio Code marketplaces, prompting Microsoft to bolster security measures.
In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.
Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations.
A server-side forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.
With AI use ramping up rapidly, a growing number of enterprise security teams have begun putting controls in place to protect sensitive data from accidental exposure and leaks.
An attack on a technology partner claimed by LockBit ransomware exposed sensitive information, including Social Security numbers, of more than 57,000 banking customers.
Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations.
Researchers found that the private keys and secrets they discovered being exposed within the Docker framework are already being used in the wild.
With more than 50,000 publicly leaked OpenAI keys on GitHub alone, OpenAI developer accounts are the third-most exposed in the world.
The government-sponsored dental and oral healthcare provider warned its customers that a March attack exposed sensitive data, some of which was leaked online by the ransomware group.
Relatives are being alerted that a PharMerica compromise exposed the sensitive data of their deceased loved ones, which could be used for identity theft.
A misconfigured cloud instance exposed vehicle data, but not personally identifiable information, the car maker says.
While Intel is still investigating the incident, the security industry is bracing itself for years of potential firmware insecurity if the keys indeed were exposed.
API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company says.
Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.
Software code pushed to online code repositories exposed twice as many secrets compared to last year, putting organizations' security at risk.