More information has come to light on the cyberattack disclosed this week by F5, including on attribution and potential risks.
The post F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts appeared first on SecurityWeek.
F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data
F5 has not shared too much information on the threat actor, but the attack profile seems to point to China.
The post F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data appeared first on SecurityWeek.
Red Hat Confirms GitLab Instance Hack, Data Theft
Hackers claim to have stolen 28,000 private repositories, including data associated with major companies that use Red Hat services.
The post Red Hat Confirms GitLab Instance Hack, Data Theft appeared first on SecurityWeek.
US, Allies Warn of Memory Unsafety Risks in Open Source Software
Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn.
The post US, Allies Warn of Memory Unsafety Risks in Open Source Software appeared first on SecurityWeek.
‘Phantom’ Source Code Secrets Haunt Major Organizations
Aqua Security shows that code in repositories remains accessible even after being deleted or overwritten, continuing to leak secrets.
The post ‘Phantom’ Source Code Secrets Haunt Major Organizations appeared first on SecurityWeek.
New York Times Responds to Source Code Leak
The New York Times has issued a statement after someone leaked source code allegedly belonging to the news giant.
The post New York Times Responds to Source Code Leak appeared first on SecurityWeek.
Leaked GitHub Token Exposed Mercedes Source Code
A leaked token provided unrestricted access to the entire source code on Mercedes-Benz’s GitHub Enterprise server.
The post Leaked GitHub Token Exposed Mercedes Source Code appeared first on SecurityWeek.
Thousands of Popular Websites Leaking Secrets
Truffle Security has discovered thousands of popular websites leaking their secrets, including .git directories and AWS and GitHub keys.
The post Thousands of Popular Websites Leaking Secrets appeared first on SecurityWeek.
Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer
Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub.
The post Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer appeared first on SecurityWeek.
BlackLotus UEFI Bootkit Source Code Leaked on GitHub
The source code for the BlackLotus UEFI bootkit has been leaked on GitHub and an expert has issued a warning over the risks.
The post BlackLotus UEFI Bootkit Source Code Leaked on GitHub appeared first on SecurityWeek.