The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...

FortiBleed campaign used custom FortiGate sniffer to steal credentials

Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have.
Developer Tech

AI agent breaches Fedora software supply chain

A rogue AI agent using compromised developer credentials breached the Fedora software supply chain and merged defective code ...

Hackers Just Hit a State Wildlife Database in a Massive Security Breach. Experts Warn Others Could Be Next

State officials have confirmed that a major vendor breach exposed driver's licenses and passport numbers. Cybersecurity ...

24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data

Cybernews researchers found an exposed database with 24 billion credential records, raising fresh risks from password reuse ...
techtimes

Credential Stuffing Risk Spikes: 24 Billion Stolen Passwords Linked to Live Exploit Data

Security researchers at Cybernews discovered on June 12 what they describe as one of the largest credential databases ever left exposed online — a publicly accessible Elasticsearch cluster holding 24 ...

How Artists Taught An EY Avatar To Be More Human

EY receives 400,000 job applications every year. Selecting the best employees—fairly, and at scale—turned out to require both ...

A Glimpse into the “Search Your Target” Market for Stolen Credentials

Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how ...

124 Million Unique Passwords Exposed In New Infostealer Log Dataset

A new collection of 124 million unique passwords from hundreds of millions of malware stealer log records has been confirmed ...