SecurityWeek

SailPoint Discloses GitHub Repository Hack

SailPoint notified the SEC that hackers exploited a vulnerability in a third-party application to access some of its GitHub ...
GovInfoSecurity

Trellix Discloses Source Code Hack

Trellix disclosed over the weekend that hackers found their way to its source code repository. The company said that investigation so far turned up "no ...
Bleeping Computer

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The ...

Trellix confirms data breach after hack of 'a portion' of its source code

Key details are still missing, but Trellix says it found no evidence of source code release or distribution process being affected.
Infosecurity Magazine

Malicious Hugging Face Repository Typosquats OpenAI

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...
OSTechNix

Rocky Linux Launched an Emergency, Opt-in Security Repository to Fix Critical Vulnerabilities

Rocky Linux team introduced an optional, opt-in Security Repository to provide urgent security hot-fixes for critical kernel ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
Bleeping Computer

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...