#forensics – Xynik

Secrets Exposed in Hugging Face Hack

June 3, 2024 by Xynik

June 3, 2024 at 04:07AM Hugging Face, an AI tool development company, reported unauthorized access to its Spaces platform, potentially exposing a subset of Spaces’ secrets. The company has revoked compromised tokens, advised users to refresh keys and switch to fine-grained access tokens, and engaged external forensics experts. It has also made significant security improvements … Read more

Cloudflare hacked using auth tokens stolen in Okta attack

February 1, 2024 by Xynik

February 1, 2024 at 03:59PM Cloudflare revealed today that its internal Atlassian server was infiltrated by a ‘nation state’ attacker, who gained access to its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The company detected the breach on November 23, severed access on November 24, and assured that customer data … Read more