This week's articles
Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
WatchTowr researchers scraped 80,000+ saved entries from JSONFormatter and CodeBeautify sites, finding thousands of exposed credentials including AWS keys, Active Directory passwords, API tokens, and PII from governments, banks, MSSPs, and cybersecurity firms. Evidence suggests attackers already exploit this.
#defend
#supply-chain
#saas
The story of how we almost got hacked
Invictus IR received a suspicious BEC phishing email impersonating a pharmaceutical company and requesting a product that does not exist. Their investigation tracked the threat actor's infrastructure and uncovered an adversary-in-the-middle (AiTM) phishing campaign built on the EvilProxy framework, targeting multiple industries with credential-harvesting pages delivered through WeTransfer lures.
#attack
#saas
What to know about a recent Mixpanel security incident
OpenAI is informing users about a security incident that occurred at Mixpanel, a third-party data analytics provider used for their API product's frontend interface. This breach was confined to Mixpanel's systems and did not affect OpenAI's infrastructure, nor were users of ChatGPT or other OpenAI products impacted.
#attack
#supply-chain
Breaking change on GitHub Actions pull_request_target
From Dec 8, 2025, workflows triggered by the GitHub Actions pull_request_target event will be taken from the repository's default branch instead of the pull request's base branch. This closes a gap where a repository that had patched a vulnerable pull_request_target workflow on its default branch remained exploitable by opening a PR against an older, unpatched non-default branch that still carried the vulnerable workflow.
#ci/cd
#supply-chain
#announcement
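To make the change concrete, here is an added example (not code from the newsletter, from GitHub's announcement, or from any real repository) of the workflow pattern that pull_request_target abuse relies on, followed by a hardened form. Names, branch patterns and the `NPM_TOKEN` secret are hypothetical. The first document shows a workflow that checks out and executes untrusted pull-request code while holding repository secrets; the second runs untrusted code only under the read-only pull_request event.

```yaml
# Added illustrative example; hypothetical repository and secret names.
#
# Document 1: the vulnerable pattern. pull_request_target runs in the context
# of the base repository, so the job receives repository secrets and a
# write-capable GITHUB_TOKEN. Checking out the PR head and running `npm install`
# executes the contributor's package scripts with those credentials in reach.
# Before the Dec 8, 2025 change this workflow file was read from the PR's base
# branch, so a copy left on an old release branch stayed exploitable even after
# the default branch was fixed.
name: vulnerable-pr-target
on:
  pull_request_target:
    branches: ['**']            # also fires for PRs opened against release-* branches
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # untrusted PR code
      - run: npm install && npm test                        # runs attacker-controlled scripts
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}                 # secret exposed to that code
---
# Document 2: the hardened form. Untrusted code is built under pull_request,
# where fork PRs get no secrets and a read-only token. Anything that genuinely
# needs pull_request_target (for example labelling) must not check out or
# execute PR content at all.
name: hardened-pr
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4     # merge commit of the PR, no write token, no secrets for forks
      - run: npm ci && npm test
```

The branch-selection change removes the stale-branch variant of this attack but does not fix the pattern itself: a workflow like the first document on the default branch is still exploitable, so the remediation is still to drop pull_request_target wherever untrusted code is executed.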