Tag: leak
-
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java, Angular, Python), and employee information, though the company has not yet confirmed the breach. Even…
-
DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses
Cybersecurity researchers say the GitHub leak threatens to “democratize” iPhone exploits that were once reserved for nation-states, potentially putting hundreds of millions of iOS 18 devices at risk. First seen on cyberscoop.com Jump to article: cyberscoop.com/darksword-iphone-spyware-leak-ios-18-exploit-threat/
-
New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack
A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk. The post New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-darksword-leak-iphone-exploit-risk-after-initial-attack/
-
Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance’s memory First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/citrix-patch-netscaler/
-
Citrix NetScaler critical flaw could leak data, update now
Citrix warns of a critical NetScaler flaw (CVE-2026-3055) that could leak sensitive data; users are urged to apply security updates immediately. Citrix issued security updates for two NetScaler vulnerabilities, including a critical memory overread, tracked as CVE-2026-3055 (CVSS score of 9.3), that allows unauthenticated attackers to leak sensitive data. The flaw CVE-2026-3055 is an insufficient…
-
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through… First seen on hackread.com Jump to article: hackread.com/darksword-iphone-exploit-leaked-online/
-
Exploit-Kit veröffentlicht: Leak auf Github gefährdet Millionen von iPhones
Eine neue Version des Exploit-Kits Darksword ist auf Github aufgetaucht. Zahlreiche iPhones lassen sich dadurch mit nur einem Klick infiltrieren. First seen on golem.de Jump to article: www.golem.de/news/exploit-kit-veroeffentlicht-leak-auf-github-gefaehrdet-millionen-von-iphones-2603-206852.html
-
New Leak Site Tied to Active Initial Access Broker Emerges on Underground Forums
A new Tor-based leak site dubbed ALP-001 has quietly moved from selling network footholds to publicly naming victims, signaling an evolution from pure initial access brokerage to full-scale cyber extortion. The ALP-001 site, reachable only over Tor, advertises itself as a “Data Leaks / Access Market,” blending hallmarks of both a ransomware leak portal and…
-
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application.The vulnerabilities are listed below -CVE-2026-3055 (CVSS score: 9.3) – Insufficient input validation leading to memory overreadCVE-2026-4368 (CVSS score: 7.7) – Race condition leading to user…
-
US chip testing firm shrugged off ransomware hit as minor then came the data leak
Trio-Tech International initially said hack wasn’t ‘material,’ but then stolen data was published First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/us_chip_testing_firm_shrugged/
-
US chip testing firm shrugged off ransomware hit as minor – then came the data leak
Trio-Tech International initially said hack wasn’t ‘material,’ but then stolen data was published First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/us_chip_testing_firm_shrugged/
-
When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com Part Three
Dear blog readers, Continuing the “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two” blog post series in this post I’ll continue analyzing the next malicious software binary which I obtained by data mining Conti Leaks with a lot of success. …
-
FBI Seizes Iranian Online Leak Sites After Stryker Hack
New Handala Site Is Also Available. U.S. federal agents seized four web domains associated with Iranian hacking operations days after a threat actor going by Handala posted screenshots it said came from inside the IT systems of medical device manufacturer Stryker. The registrars used to create them are located in the United States. First seen…
-
FBI takes down leak sites tied to Iran’s Ministry of Intelligence and Security
In a 40-page seizure warrant, the FBI outlined multiple digital campaigns launched by Iran’s Ministry of Intelligence and Security (MOIS) through a variety of online monikers, most recently going by the name “Handala.” First seen on therecord.media Jump to article: therecord.media/fbi-takes-down-leak-sites-iran-mois
-
FBI Seizes Two Websites Linked to Pro-Iranian Group Handala
The FBI has seized two websites, including the leak site, of Handala, a highly active pro-Iranian threat group responsible for the high-profile wiping attack on U.S.-based medical tech company Stryker in which it erased the data from about 80,000 corporate and personal devices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/fbi-seizes-two-websites-linked-to-pro-iranian-group-handala/
-
FBI seizes Handala data leak site after Stryker cyberattack
The FBI has seized two websites used by the Handala hacktivist group after the threat actors conducted a destructive cyberattack on medical technology giant Stryker that wiped approximately 80,000 devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-seizes-handala-data-leak-site-after-stryker-cyberattack/
-
Ransomware Affiliate Exposes Details of ‘The Gentlemen’ Operation
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-affiliate-gentlemen/
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network
A misconfigured open directory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a single actor stitched together a 15-node network across Iran and Finland using commodity tools and sloppy operational security. The discovery shows how financially or personally motivated actors can reuse tradecraft seen in Iranian APT…
-
FancyBear Server Leak Exposes Stolen Credentials, 2FA Secrets, NATO Targets
Tags: 2fa, breach, credentials, cyber, data-breach, espionage, government, infrastructure, leak, military, russiaFancyBear’s latest operational security failure has exposed a live Russian espionage server packed with stolen credentials, 2FA secrets, and detailed insight into the ongoing targeting of European government and military networks. The exposed infrastructure, tied to APT28/FancyBear and previously reported by CERT”‘UA and Hunt.io, reveals both the scale of the compromises and the carelessness of…
-
KI beschleunigt die unkontrollierte Verbreitung von Zugangsdaten um ein Vielfaches
Im Jahr 2025 weisen Entwickler-Commits mit Claude Code* eine Leak-Rate von 3,2 Prozent bei Zugangsdaten auf, gegenüber einem Basiswert von 1,5 Prozent. Der menschliche Faktor bleibt entscheidend. GitGuardian, der Sicherheitsanbieter hinter der meistinstallierten Anwendung auf GitHub, veröffentlicht die fünfte Ausgabe seines Berichts »State of Secrets Sprawl« (Lagebericht zur Ausbreitung von Zugangsdaten) [1]. Der Lagebericht… First…
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire “, GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-gitguardian-study-shows-ai-coding-tools-double-leak-rates-as-29m-credentials-hit-github/
-
GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
New York, NY, March 17th, 2026, CyberNewswire In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025…
-
GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
New York, NY, 17th March 2026, CyberNewswire First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/gitguardian-reports-an-81-surge-of-ai-service-leaks-as-29m-secrets-hit-public-github/
-
The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub
GitGuardian’s 5th State of Secrets Sprawl report is here. In this blog, we unpack the key findings behind the 2026 edition, from AI-driven leak growth to the remediation gaps security teams can’t ignore. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-state-of-secrets-sprawl-2026-ai-service-leaks-surge-81-and-29m-secrets-hit-public-github/