InfoSec News Nuggets 01/06/2023

Slack's private GitHub code repositories stolen over holidays Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at workplaces and digital communities around the world. BleepingComputer has come across a security incident notice issued by Slack on December 31st, 2022. The incident involves threat actors gaining access to Slack's externally hosted GitHub repositories via a "limited" number of Slack employee tokens that…
Read More

InfoSec News Nuggets 12/08/2021

Researchers discover 14 new data-stealing web browser attacks IT security researchers from Ruhr-Universität Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. These types of side-channel attacks are called 'XS-Leaks,' and allow attacks to bypass the 'same-origin' policy in web browsers so that a malicious website can steal info in the background…
Read More