TechRadar

This worrying Git flaw could lead to users leaking credentials

Security researcher finds related attacks and dubbed them Clone2Leak This allowed threat actors to leak credentials through Git's credential helper Patches are already available, so update now A ...
Bleeping Computer

GitHub rotates keys to mitigate impact of credential-exposing flaw

GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. This unsafe ...
ExtremeTech

Git Tools Patched to Address Credential Vulnerabilities: Update Now

Two recent security issues with Git and its related tools have been fixed, so users should update their software. The vulnerabilities, CVE-2024-53263 and CVE-2024-53858, involve issues with credential ...
Dark Reading

Supply Chain Worms in 2026: What Shai-Hulud Taught Attackers (And How to Prepare)

The Shai-Hulud 2.0 campaign exposed 33,185 unique secrets across 20,649 repositories scanned. Among the exposed credentials, 3,760 remained valid days after discovery. Here is why the next version ...
Bleeping Computer

GitHub accounts stolen in ongoing phishing attacks

GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. Besides taking over their ...
Hosted on MSN

Shai-Hulud 2.0 Credential Leak Hits Zapier, PostHog and Postman — User Data At Risk

The digital landscape is once again shaking as a new iteration of a major credential leak—dubbed 'Shai-Hulud 2.0'—has surfaced. This widespread credential leak has reportedly affected several massive ...