Hackers stole and published the login credentials of major tech and Fortune 500 companies, accessed CCTV cameras, and probed portals after breaching two large data centers in Asia.
News Corp security breach lasted from February 2020 to January 2022, during which time confidential company information and personal data was taken. Investigation by Mandiant indicates that a Chinese state-backed hacking team may be involved.
Reddit confirmed a security breach that allowed hackers to access internal business systems after an employee became the victim of a sophisticated phishing attack.
Hackers exfiltrated not just internal game cheats, but the source code that underpins this system for certain Riot Games titles, including League of Legends. This creates the possibility of new game cheats and exploits being developed.
The Mailchimp security breach appears to have lasted for less than a full day. The company says that client login information was not compromised, but customer support tools were used to send phishing emails.
Popular collaboration tool Slack is the latest to suffer a security breach involving its GitHub repositories, with the company reporting that private source code was stolen in late December.
Amnesty International Canada experienced a security breach on October 5 with the ultimate conclusion being that state-sponsored Chinese hackers penetrated the system for espionage purposes.
Password manager LastPass notified its customers of a second security breach in 2022, with the threat actor accessing customer data stored on a shared cloud service.
Dropbox says that the security breach did not involve the contents of any customer accounts. The attackers were instead focused on company GitHub repositories, raiding 130 of them for code and tools.
Recent security breach at password manager LastPass does not appear to be an immediate threat to the encrypted vaults that customers use to store their passwords, but the hackers may have made off with source code and proprietary information.
