Category: leaks

Auto Added by WPeMatico

Leaked GitHub Python Token

Posted on By infossl
leaks, security analysis, Security technology, supply chain, Uncategorized

Here’s a disaster that didn’t happen: Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF). JFrog discussed what could have happened: The … Read More “Leaked GitHub Python Token” »

The US Is Spying on the UN Secretary General

Posted on By infossl
espionage, fisa, leaks, nsa, Security technology, Uncategorized

The Washington Post is reporting that the US is spying on the UN Secretary General. The reports on Guterres appear to contain the secretary general’s personal conversations with aides regarding diplomatic encounters. They indicate that the United States relied on spying powers granted under the Foreign Intelligence Surveillance Act (FISA) to gather the intercepts. Lots … Read More “The US Is Spying on the UN Secretary General” »

Russian Cyberwarfare Documents Leaked

Posted on By infossl
cyberespionage, cyberwar, espionage, hacking, leaks, russia, Security technology, Uncategorized, whistleblowers

Now this is interesting: Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. The company’s work is linked to the federal security service or FSB, the domestic … Read More “Russian Cyberwarfare Documents Leaked” »

ChatGPT Is Ingesting Corporate Secrets

Posted on By infossl
amazon, ChatGPT, leaks, Security technology, Uncategorized

Interesting: According to internal Slack messages that were leaked to Insider, an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun … Read More “ChatGPT Is Ingesting Corporate Secrets” »

Leaked Signing Keys Are Being Used to Sign Malware

Posted on By infossl
android, keys, leaks, malware, Security technology, Uncategorized

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware. … Read More “Leaked Signing Keys Are Being Used to Sign Malware” »

Iran’s Digital Surveillance Tools Leaked

Posted on By infossl
iran, leaks, privacy, Security technology, surveillance, Uncategorized

It’s Iran’s turn to have its digital surveillance tools leaked: According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections … Read More “Iran’s Digital Surveillance Tools Leaked” »

Leaking Passwords through the Spellchecker

Posted on By infossl
browsers, data protection, leaks, passwords, Security technology, Uncategorized

Sometimes browser spellcheckers leak passwords: When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck features be enabled. Depending on the website you visit, the form data may itself include PII­—including but not limited to Social Security Numbers (SSNs)/Social Insurance Numbers (SINs), name, … Read More “Leaking Passwords through the Spellchecker” »