‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across major projects today. Continue reading ‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack

Two teenagers face sentencing after admitting to a massive Scattered Spider cyberattack that hit Transport for London (TfL) and US healthcare networks. Continue reading 2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse

Nintendo America employee records were exposed via TinyPulse after Shadowbyt3 claimed theft of HR files, tax forms, bank data, and staff survey responses. Continue reading Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse