Sat.Jun 08, 2024

article thumbnail

New York Times source code stolen using exposed GitHub token

Bleeping Computer

Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. [.

143
143
article thumbnail

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

The Hacker News

Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.

129
129
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

DDoS attacks target EU political parties as elections begin

Bleeping Computer

Hacktivists are conducting DDoS attacks on European political parties that represent and promote strategies opposing their interests, according to a report by Cloudflare. [.

DDOS 128
article thumbnail

New York Times source code compromised via exposed GitHub token

Security Affairs

The source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Underground first noticed that the internal data of The New York Times was leaked on 4chan by an anonymous user. The mysterious user leaked 270GB of data and claimed that the American newspaper has over 5,000 source code repositories, with less than 30 being encrypted.

article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

CVE-2024-4177: SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise

Penetration Testing

Bitdefender, a leading cybersecurity provider, has addressed a critical vulnerability (CVE-2024-4177, CVSS 8.1) in its GravityZone Console On-Premise product. The flaw, discovered by security researcher Nicolas Verdier (n1nj4sec), could allow attackers to perform server-side... The post CVE-2024-4177: SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise appeared first on Cybersecurity News.

article thumbnail

Apple Is Coming for Your Password Manager

WIRED Threat Level

Plus: A media executive is charged in an alleged money-laundering scheme, a ransomware attack disrupts care at London hospitals, and Google’s former CEO has a secretive drone project up his sleeve.

article thumbnail

eSentire Exposes Ongoing More_eggs Malware Campaign Targeting Job Seekers

Penetration Testing

eSentire’s Threat Response Unit (TRU) has unveiled a persistent and sophisticated cyber campaign employing the notorious more_eggs malware, primarily targeting recruiters in the industrial services sector. This campaign exploits the trust inherent in job... The post eSentire Exposes Ongoing More_eggs Malware Campaign Targeting Job Seekers appeared first on Cybersecurity News.

Malware 55