-
ShinyHunters launches Salesforce data leak site to extort 39 victims
An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks.
- October 03, 2025
- 10:16 AM
0
-
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator's infrastructure.
- August 18, 2025
- 02:12 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
ExpressVPN bug leaked user IPs in Remote Desktop sessions
ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users' real IP addresses.
- July 21, 2025
- 12:06 PM
- 6
-
GitHub expands security tools after 39 million secrets leaked in 2024
Over 39 million secrets like API keys and account credentials were leaked on GitHub throughout 2024, exposing organizations and users to significant security risks.
- April 02, 2025
- 02:24 PM
- 0
-
Black Basta ransomware gang's internal chat logs leak online
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation.
- February 20, 2025
- 03:48 PM
- 0
-
GitHub Actions artifacts found leaking auth tokens in popular projects
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows.
- August 14, 2024
- 04:19 PM
- 1
-
Android bug leaks DNS queries even when VPN kill switch is enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option.
- May 03, 2024
- 05:02 PM
- 4
-
Over 12 million auth secrets and keys leaked on GitHub in 2023
GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days.
- March 12, 2024
- 11:23 AM
- 4
-
GitHub enables push protection by default to stop secrets leak
GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code.
- February 29, 2024
- 01:57 PM
- 0
-
Thousands of images on Docker Hub leak auth secrets, private keys
Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface.
- July 16, 2023
- 10:09 AM
- 0
-
Source code for BlackLotus Windows UEFI malware leaked on GitHub
The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community.
- July 13, 2023
- 11:14 AM
- 1
-
New Buhti ransomware gang uses leaked Windows, Linux encryptors
A new ransomware operation named 'Buhti' uses the leaked code of the LockBit and Babuk ransomware families to target Windows and Linux systems, respectively.
- May 25, 2023
- 06:00 AM
- 1
-
LockBit ransomware goes 'Green,' uses new Conti-based encryptor
The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware.
- February 01, 2023
- 05:48 PM
- 0
-
Android leaks some traffic even when 'Always-on VPN' is enabled
Mullvad VPN has discovered that Android leaks traffic every time the device connects to a WiFi network, even if the "Block connections without VPN," or "Always-on VPN," features is enabled.
- October 11, 2022
- 03:48 PM
- 3
-
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.
- October 09, 2022
- 08:53 PM
- 1
-
Cisco fixes bug allowing RSA private key theft on ASA, FTD devices
Cisco has addressed a high severity vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software.
- August 10, 2022
- 01:37 PM
- 0
-
Mandiant: “No evidence” we were hacked by LockBit ransomware
American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data.
- June 06, 2022
- 03:54 PM
- 0
-
Spring patches leaked Spring4Shell zero-day RCE vulnerability
Spring released emergency updates to fix the 'Spring4Shell' zero-day remote code execution vulnerability, which leaked prematurely online before a patch was released.
- March 31, 2022
- 11:16 AM
- 0
-
NVIDIA data breach exposed credentials of over 71,000 employees
More than 71,000 employee credentials were stolen and some of them leaked online following a data breach suffered by US chipmaker giant Nvidia last month.
- March 03, 2022
- 04:59 PM
- 0
-
Conti ransomware's internal chats leaked after siding with Russia
An angry member of the Conti ransomware operation has leaked over 60,000 private messages after the gang sided with Russia over the invasion of Ukraine.
- February 27, 2022
- 11:23 PM
- 0
