GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens


GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens.

The incident was identified on April 12, when the code hosting platform observed suspicious activity on its npm production infrastructure.

read more

CISA Tells Orgs to Patch WatchGuard Flaw Exploited for Months Before Disclosure


The Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to patch a WatchGuard firewall vulnerability exploited in attacks linked to a Russian state-sponsored threat actor. While the US government has known about the exploitation of this flaw for several months, federal agencies are apparently only now being told to patch it.

read more

Scope Security CEO Mike Murray Passes Away


Scope Security has announced the sudden passing of its founder and CEO Mike Murray, a longtime practitioner and executive who was deeply embedded in the cybersecurity industry.

The healthcare security startup said Murray passed away on April 6.  He was 46.

read more