Cloud Security
Technology
CISA Exposed AWS Keys and Plaintext Passwords on GitHub for Six Months
America's cybersecurity agency left 844 MB of sensitive credentials in a public repository while its workforce shrank by a third and leadership remained vacant.
Technology
EvilTokens Phishing Service Bypasses MFA at 340+ Microsoft 365 Organizations
A $500/month subscription service has weaponized OAuth device code flows, rendering enterprise multi-factor authentication ineffective against credential theft.