Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files. Go to Source article

Football club said it’s not “currently aware of any breach of personal data associated with our fans or customers.” Go to Source article

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. Go to Source article

The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge. Go to Source article

The information exposed in a public cloud bucket included PII, church-donation information, photos and users’ contact lists. Go to Source article

Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. Go to Source article

The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them. Go to Source article

Can a balance be struck between the privacy of citizens and allowing health officials to access any piece of information for helping to track down a