CircleCI, a SaaS used in Software Engineering for build and deploy pipelines, disclosed a security incident and is asking users to rotate secrets stored in the platform, project environment variables or contexts. More
Slack, disclosed a security incident in which hackers stole some of its private source code repositories, but claims impact is limited. Access was obtained via “employee tokens”. More
NortonLifeLock Password Manager was targeted by a credential stuffing attack. The company revealed that the attack compromised an undisclosed number of customer accounts. Account holders were notified that the content of their vault might have been accessed. More
CircleCI released an incident report on Friday detailing how last months compromise happened: an engineers computer was infected with malware that stole his SSO session cookie. More
Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.
OSCE3, OSEP, OSED, OSWE, OSCP certified. Over 10 years of experience in the IT industry, now working in Product Security and leading a Red Team. Huge Offensive Security and CTF nerd. I enjoy music, teaching and hiking.