Hot Topics

Software Supply Chain Security

GitHub connections digital pipeline GitHub ICS Risk

Supply Chain Dependency: What Your GitHub Connections May Trigger

| | API Keys, CircleCI breach, connections, GitHub, GitHub repositories, supply chain attack
The writing is on the walls, and it’s hard to avoid after the significant spike in attacks against GitHub repositories. The recent CircleCI breach, in which customers’ secrets and encryption keys were ...
Security Boulevard
GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

| | cPanel, GoDaddy, GoDaddy hacked, godaddy.com, hacked WordPress, hosting, hosting provider, persistence, Persistent Threats, SB Blogwatch, webhosting, Website Hosting
GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware ...
Security Boulevard
Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology

Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology

| | Anker, E2EE, end-to-end encryption, Eufy, GDPR, Internet of things, iot, Privacy, SB Blogwatch, Security Cameras, The ‘S’ in IoT stands for Security
Anker said its Eufy cameras never send unencrypted video. But a couple of months ago, researchers discovered they did. Despite the clear evidence, Anker denied, delayed and deflected ...
Security Boulevard
Another Password Manager Leak Bug: But KeePass Denies CVE

Another Password Manager Leak Bug: But KeePass Denies CVE

| | CVE-2023-24055, default settings, Dominik Reichl, KeePass, open source, password managers, SB Blogwatch
Two researchers report vulnerability in KeePass. But lead developer Dominik Reichl says it’s not a problem—and refuses to fix the flaw ...
Security Boulevard
App sec and the supply chain: Work in tandem with engineers to achieve true software security

App sec and the supply chain: Work in tandem with engineers to achieve true software security

| | Dev & DevSecOps
...
ReversingLabs Blog
After hack, CircleCI tells devs to update secrets now

After hack, CircleCI tells devs to update secrets now

| | CI/CD Security, Threat Detection & Secrets
In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers ...
ReversingLabs Blog