AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 5/2/2025

Hackers ramp up scans for leaked Git tokens and secrets

Threat actors are intensifying internet-wide scanning for Git configuration files that can reveal sensitive secrets and authentication tokens used to compromise cloud services and source code repositories. In a new report, threat monitoring firm GreyNoise says its researchers recorded a massive spike in searches for exposed Git configs on April 20-21, 2025. “GreyNoise observed nearly 4,800 unique IP addresses daily from April 20-21, marking a substantial increase compared to typical levels,” explained GreyNoise in the report.

 

Microsoft makes all new accounts passwordless by default

Microsoft has announced that all new Microsoft accounts will be “passwordless by default” to secure them against password attacks such as phishing, brute force, and credential stuffing. The announcement comes after the company started rolling out updated sign-in and sign-up user experience (UX) flows for web and mobile apps in March, optimized for passwordless and passkey-first authentication. “As part of this simplified UX, we’re changing the default behavior for new accounts. Brand new Microsoft accounts will now be ‘passwordless by default’,” said Joy Chik, Microsoft’s President for Identity & Network Access, and Vasu Jakkal, Corporate Vice President for Microsoft Security.

 

iHeartMedia suffers breach that exposed personal data

iHeartMedia, America’s largest owner of radio stations, suffered a breach in December that exposed personal data, including Social Security and passport numbers. The company told Cybernews via email that it detected the breach that same month and “fully addressed” it within a week, with the investigation concluding on April 11th. It started to inform the affected individuals on April 30th. iHeartMedia owns more than 870 radio stations in the US and operates the iHeartRadio platform, home to popular podcasts such as its original Dear Chelsea with Chelsea Handler, as well as Anna Faris Is Unqualified and The Ben Shapiro Show.

 

French Foreign Ministry blames Russian GRU-linked APT28 for cyberattacks on national entities; urges global action

The French foreign ministry has attributed a series of cyberattacks on national interests to APT28, a group linked to Russia’s military intelligence agency (GRU), and has strongly condemned its use by the Russian state. Since 2021, this attack group has been used to target or compromise a dozen French entities. “APT28 is also being used to exert continual pressure on Ukrainian infrastructures amid Russia’s war of aggression against Ukraine, particularly when it is operated out of GRU Unit 20728,” the Ministry said in its Tuesday statement. “Many European partners have also been targeted by APT28 in recent years. In this regard, EU imposed sanctions on the individuals and entities responsible for the attacks conducted with the assistance of this group.”

 

Leaderboard illusion: How big tech skewed AI rankings on Chatbot Arena

A handful of dominant AI companies have been quietly manipulating one of the most influential public leaderboards for chatbot models, potentially distorting perceptions of model performance and undermining open competition, according to a new study. The research, titled “The Leaderboard Illusion,” was published by a team of experts from Cohere Labs, Stanford University, Princeton University, and other institutions. It scrutinized the operations of Chatbot Arena, a widely used public platform that allows users to compare generative AI models through pairwise voting on model responses to user prompts.
