techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.9K
active users

#credentials

0 posts0 participants0 posts today

The Polish Government Commissioner for Cybersecurity has issued a recommendation for entities of the national cybersecurity system to update Roundcube software. KSC entities should immediately update Roundcube software to the latest available versions. The update removes vulnerabilities that can lead to theft of credentials or remote code execution on the server.

#server #cybersecurity #roundcube #update #2FA #KSC #mail #credentials

gov.pl/web/cyfryzacja/rekomend

🚨😱 OMG, the requests library has a "leak" so bad it's practically a sieve! Apparently, if you use it in this *incredibly specific* way, your credentials run away faster than a cat from a bath! 🔐🔑 But don't worry, just never use ".netrc" and you'll be safer than a secret agent at a tea party. 🍵🕵️‍♂️
seclists.org/fulldisclosure/20 #requests-library #credentials-leak #security-alert #hacker-news #coding-tips #safe-coding #HackerNews #ngated

seclists.orgFull Disclosure: CVE-2024-47081: Netrc credential leak in PSF requests library

Mysterious Database of 184 Million Records Exposes Vast Array of Login #Credentials
A trove of #breach data, which has now been taken down, includes user logins for platforms including Apple, Google, and Meta. Among the exposed accounts are ones linked to dozens of governments.
wired.com/story/mysterious-dat
archive.ph/ybk1x
#security #ITSec

WIRED · Mysterious Database of 184 Million Records Exposes Vast Array of Login CredentialsBy Matt Burgess

Mysterious Database of 184 Million Records Exposes Vast Array of #Login #Credentials | WIRED

A trove of #breached data, which has now been taken down, includes user logins for platforms including #Apple , #Google , and #Meta. Among the exposed accounts are ones linked to dozens of governments.
#security #privacy

wired.com/story/mysterious-dat

WIRED · Mysterious Database of 184 Million Records Exposes Vast Array of Login CredentialsBy Matt Burgess

Malicious #npm Packages Infect 3,200+ #Cursor Users With #Backdoor, Steal #Credentials

#Cybersecurity researchers have flagged 3 malicious npm packages that are designed to target the Apple #macOS version of Cursor

"Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's main.js file, & disable auto-updates to maintain persistence,"

thehackernews.com/2025/05/mali

The Hacker NewsMalicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal CredentialsMalicious npm packages targeting Cursor macOS users stole credentials and disabled updates, impacting 3,200+ downloads.