Tagged articles

9 articles

Page 1 of 1

Apr 20, 2026 · Information Security

Vercel Breach Reveals How an AI Tool Compromised Env Vars and Led to Data Leak

Vercel confirmed an intrusion where attackers leveraged the third‑party AI service Context.ai to hijack an employee’s Google Workspace OAuth access, gaining entry to internal systems and exposing ordinary environment variables, prompting a rapid public disclosure and a detailed remediation checklist for developers and admins.

AI toolsEnvironment VariablesInfoSec

0 likes · 7 min read

Vercel Breach Reveals How an AI Tool Compromised Env Vars and Led to Data Leak

SpringMeng

Dec 24, 2025 · Information Security

Technical Breakdown of Why Kuaishou Was Hacked

Within a 60‑90 minute window on Dec 22, hackers breached Kuaishou’s systems, exploiting nighttime staffing fatigue, high‑privilege token leaks, AI moderation tricks, direct video uploads, massive account overload, and microservice architecture flaws, highlighting critical security gaps for large platforms.

AI moderation evasionContainer SecurityKuaishou

0 likes · 4 min read

Technical Breakdown of Why Kuaishou Was Hacked

IT Services Circle

Jun 17, 2024 · Information Security

Disgruntled Former Employee Hacks Singapore IT Firm, Deletes 180 Virtual Servers, Highlighting Human Factors in Enterprise Security

A former NCS QA engineer in Singapore, feeling wronged after his dismissal, illegally accessed the company's internal systems, wrote malicious scripts, and deleted 180 virtual servers, causing $678,000 in losses and prompting security experts to stress the importance of account deactivation, continuous monitoring, and the impact of employee emotions on corporate security.

AuthenticationSecurity Breachcybercrime

0 likes · 7 min read

Disgruntled Former Employee Hacks Singapore IT Firm, Deletes 180 Virtual Servers, Highlighting Human Factors in Enterprise Security

21CTO

Aug 6, 2022 · Information Security

How Twitter Fixed a Critical Bug and Stopped a 5.4M‑Account Data Leak

Twitter’s tech team patched a major security flaw that exposed email addresses and phone numbers of over 5.4 million accounts, prompting a $30,000 data sale on Breached Forums and a $5,040 bug‑bounty reward for the researcher who reported it.

Bug BountySecurity BreachTwitter

0 likes · 3 min read

How Twitter Fixed a Critical Bug and Stopped a 5.4M‑Account Data Leak

21CTO

May 31, 2022 · Information Security

What GitHub’s Latest Leak Reveals About Plaintext Credential Risks

GitHub’s recent security incident, unrelated to OAuth token attacks, exposed over 100,000 npm users' plaintext credentials and detailed private package data, prompting a review of logging practices, notification plans, and broader implications for supply‑chain security.

GitHubOAuthSecurity Breach

0 likes · 5 min read

What GitHub’s Latest Leak Reveals About Plaintext Credential Risks

ITPUB

Mar 14, 2021 · Information Security

How a Baidu Engineer Exploited the Ad‑Review System to Steal Millions

A 1992‑born Baidu programmer abused his development privileges to script unauthorized website approvals, bypassing two layers of review, fraudulently earning over 235,000 RMB and causing a loss of 3.7 million RMB in ad revenue before being caught and sentenced.

Ad FraudSecurity Breach

0 likes · 10 min read

How a Baidu Engineer Exploited the Ad‑Review System to Steal Millions

Programmer DD

Mar 7, 2021 · Information Security

How a CTO’s Mistake Exposed Gab’s Data: The SQL Injection Disaster

A recent data breach at the extremist platform Gab was traced to a senior engineer who removed critical SQL‑injection defenses, illustrating how a single CTO’s poor security decisions can jeopardize millions of user records and spark major political fallout.

CTOGabRails

0 likes · 6 min read

How a CTO’s Mistake Exposed Gab’s Data: The SQL Injection Disaster

21CTO

Mar 6, 2021 · Information Security

How a Rookie SQL Injection Mistake Cost Gab’s CTO and Users 70 GB of Data

A recent DDoSecrets leak revealed that Gab’s new CTO introduced a simple SQL injection flaw in the Rails codebase, allowing hackers to steal 70 GB of user data, prompting the CEO’s public apology, code deletions, and a stark reminder of the importance of secure coding practices.

CTO mistakeCode reviewRails

0 likes · 9 min read

How a Rookie SQL Injection Mistake Cost Gab’s CTO and Users 70 GB of Data

ITPUB

Feb 23, 2016 · Information Security

How to Detect a Compromised Linux Mint 17.3 ISO and Secure Your System

Linux Mint warned that attackers replaced the official 17.3 Cinnamon ISO with a back‑doored version, and users can verify integrity using MD5 checksums, look for a hidden file, and follow remediation steps to protect their data and reinstall safely.

ISO tamperingLinux MintMD5 verification

0 likes · 4 min read

How to Detect a Compromised Linux Mint 17.3 ISO and Secure Your System