Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned


Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code.The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket, consisting of no less than 15,000 stolen credentials, has since been taken down by Amazon.

Read More


thumb-image

Solutions