Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...
JD Supra

The Impact of Stolen Credentials

This week, Schneider Electric confirmed that it is investigating a security incident involving its JIRA internal development platform. The attacker group, “Grep,” allege that it stole 40 GB of data ...
Bleeping Computer

How initial access brokers (IABs) sell your users’ credentials

Even if you haven’t looked into the methods of initial access brokers (IABs), you've almost certainly read about their handiwork in recent cyber-attacks. These specialized cybercriminals break into ...
CSOonline

Stolen credentials increasingly empower the cybercrime underground

The cybercrime underground has long functioned as an open market where sellers of products and services are paired with buyers and contractors. One of the most valuable commodities on this market are ...
CSOonline

Customers of Sisense data analytics service urged to change credentials

The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to change any credentials they might have shared or stored with Sisense, a data analytics software and services ...