November 1, 2024 at 05:59PM Researchers uncovered the EmeraldWhale cybercriminal operation, targeting Git configurations to steal over 15,000 credentials and clone 10,000 private repositories. The incident highlights the need for improved cloud security, proper configuration monitoring, and regular source code scans to avoid exposure of sensitive information. Enhanced security measures are essential for organizations. ### … Read more
November 1, 2024 at 07:33AM Cybersecurity researchers have uncovered a campaign, EMERALDWHALE, targeting exposed Git configurations to steal credentials from over 10,000 private repositories. The operation exploits tools to access sensitive files and collect data, leading to extensive credential theft for phishing purposes. A list of 67,000 exposed URLs is being sold online. ### Meeting … Read more
June 27, 2024 at 05:52AM Aqua Security’s research reveals a significant number of “phantom” secrets persist within Git-based Source Code Management systems, posing security risks for top organizations. These include leaked secrets granting access to cloud environments, internal infrastructure, API tokens, and network devices of major companies. Aqua emphasizes the challenges in accurately detecting and … Read more