all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

GitHub saved plaintext passwords of npm users in log files, post mortem reveals

Add to bookmarks
May 27, 2022, 12:15 p.m. | Richard Speed

The Register - Security www.theregister.com

Unrelated to the OAuth token attack, but still troubling as org reveals details of around 100,000 users were grabbed by the baddies

GitHub has revealed it stored a "number of plaintext user credentials for the npm registry" in internal logs following the integration of the JavaScript package registry into GitHub's logging systems.…

files github log log files npm passwords plaintext post mortem

Visit resource

More from www.theregister.com / The Register - Security

Germany cuffs alleged Russian spies over plot to bomb industrial and military targets an hour ago | www.theregister.com
arrested bomb german germany +15
Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers 12 hours ago | www.theregister.com
across the us blacksuit centers cyberattack +9
Crooks exploit OpenMetadata holes to mine crypto – and leave a sob story for victims 13 hours ago | www.theregister.com
car crypto cryptocurrency environments +10
House passes bill banning Uncle Sam from snooping on citizens via data brokers 17 hours ago | www.theregister.com
banning biden bill brokers +14
Korean researcher details scheme abusing Apple's third-party pickup policy 19 hours ago | www.theregister.com
abusing apple asia black hat +17
185K people's sensitive data in the pits after ransomware raid on Cherry Health 21 hours ago | www.theregister.com
data health healthcare information +10
EU tells Meta it can't paywall privacy 23 hours ago | www.theregister.com
advertising binary board can +15
Prolific phishing-made-easy emporium LabHost knocked offline in cyber-cop op 1 day, 1 hour ago | www.theregister.com
campaigns cops criminals cyber +14
Cisco creates architecture to improve security and sell you new switches 1 day, 4 hours ago | www.theregister.com
architecture bad called cisco +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Systems Security Officer (ISSO), Junior

@ Dark Wolf Solutions | Remote / Dark Wolf Locations
View on infosec-jobs.com

Cloud Security Engineer

@ ManTech | REMT - Remote Worker Location
View on infosec-jobs.com

SAP Security & GRC Consultant

@ NTT DATA | HYDERABAD, TG, IN
View on infosec-jobs.com

Security Engineer 2 - Adversary Simulation Operations

@ Datadog | New York City, USA
View on infosec-jobs.com
View more jobs