Bleeping Computer

GitHub rotates keys to mitigate impact of credential-exposing flaw

GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. This unsafe ...
Infosecurity-magazine.com

GitHub Rotates Credentials and Patches New Bug

GitHub has revealed that service disruption in December was due to it rotating credentials after the discovery of a high-severity bug, and warned that some customers may need to take additional action ...
Bleeping Computer

Clone2Leak attacks exploit Git flaws to steal credentials

A set of three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. The attack can compromise ...
TechRadar

This worrying Git flaw could lead to users leaking credentials

Security researcher finds related attacks and dubbed them Clone2Leak This allowed threat actors to leak credentials through Git's credential helper Patches are already available, so update now A ...
MSN による配信

Git Tools Patched to Address Credential Vulnerabilities: Update Now

Two recent security issues with Git and its related tools have been fixed, so users should update their software. The vulnerabilities, CVE-2024-53263 and CVE-2024-53858, involve issues with credential ...

How DevOps tools are opening the gates for high-profile cyberattacks

The leaked token, accidentally embedded by the company’s employee in a public repository, might have provided an attacker with unrestricted access to the company’s GitHub Enterprise server. Thus, ...