April 7, 2025
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
But this mystery isn't over yet, Unit 42 opines
That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - exposed way back in November, months earlier than previously suspected.…
Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims
Crummy OPSEC leads to potentially decades in prison
Noah Michael Urban, 20, of alleged Scattered Spider infamy, has pleaded guilty to various charges and potentially faces decades in prison.…
Chrome to patch decades-old flaw that let sites peek at your history
After 23 years, the privacy plumber has finally arrived to clean up this mess
A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel.…
UK’s attempt to keep details of Apple ‘backdoor’ case secret… denied
Last month's secret hearing comes to light
Details of Apple's appeal against the UK's so-called "backdoor order" will now play out in public after the Home Office failed in its bid to keep them secret on national security grounds.…
What native cloud security tools won’t catch
Native tools help, but they don’t cover everything - here’s what they miss and how to close the gaps
Partner Content: AWS provides a number of security services, such as GuardDuty, Inspector, Config, and Security Hub, designed to protect your cloud environment.…