Sat.Jun 08, 2024

article thumbnail

New York Times source code stolen using exposed GitHub token

Bleeping Computer

Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. [.

135
135
article thumbnail

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

The Hacker News

Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.

141
141
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New York Times source code compromised via exposed GitHub token

Security Affairs

The source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Underground first noticed that the internal data of The New York Times was leaked on 4chan by an anonymous user. The mysterious user leaked 270GB of data and claimed that the American newspaper has over 5,000 source code repositories, with less than 30 being encrypted.

article thumbnail

DDoS attacks target EU political parties as elections begin

Bleeping Computer

Hacktivists are conducting DDoS attacks on European political parties that represent and promote strategies opposing their interests, according to a report by Cloudflare. [.

DDOS 101
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

CVE-2024-4177: SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise

Penetration Testing

Bitdefender, a leading cybersecurity provider, has addressed a critical vulnerability (CVE-2024-4177, CVSS 8.1) in its GravityZone Console On-Premise product. The flaw, discovered by security researcher Nicolas Verdier (n1nj4sec), could allow attackers to perform server-side... The post CVE-2024-4177: SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise appeared first on Cybersecurity News.

article thumbnail

Apple Is Coming for Your Password Manager

WIRED Threat Level

Plus: A media executive is charged in an alleged money-laundering scheme, a ransomware attack disrupts care at London hospitals, and Google’s former CEO has a secretive drone project up his sleeve.

article thumbnail

eSentire Exposes Ongoing More_eggs Malware Campaign Targeting Job Seekers

Penetration Testing

eSentire’s Threat Response Unit (TRU) has unveiled a persistent and sophisticated cyber campaign employing the notorious more_eggs malware, primarily targeting recruiters in the industrial services sector. This campaign exploits the trust inherent in job... The post eSentire Exposes Ongoing More_eggs Malware Campaign Targeting Job Seekers appeared first on Cybersecurity News.

Malware 57