Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...
JD Supra

The Impact of Stolen Credentials

This week, Schneider Electric confirmed that it is investigating a security incident involving its JIRA internal development platform. The attacker group, “Grep,” allege that it stole 40 GB of data ...

16 billion login credentials leaked online, report says

Leaked information includes user passwords for platforms including Google, Facebook and Apple, the report says.