Tech

This worrying Git flaw could lead to users leaking credentials

Share
Share


  • Security researcher finds related attacks and dubbed them Clone2Leak
  • This allowed threat actors to leak credentials through Git’s credential helper
  • Patches are already available, so update now

A number of flaws was recently found in distributed version control system Git’s credential helper which allowed malicious actors to exfiltrate login credentials from different projects. It was responsibly disclosed to the developers and shut down.

Git’s credential helper is a feature that securely manages credentials (usernames and passwords, or personal access tokens) required to authenticate with remote repositories. It simplifies authentication by caching or storing credentials so users don’t need to repeatedly enter them for every Git operation.

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles
US government warns of “unsophisticated” hackers targeting oil and gas systems
Tech

US government warns of “unsophisticated” hackers targeting oil and gas systems

CISA warns of ‘unsophisticated’ attacks targeting oil and gas industries ‘Basic and...

New chip uses AI to shrink large language models’ energy footprint by 50%
Tech

New chip uses AI to shrink large language models’ energy footprint by 50%

Ramin Javadi. Credit: Karl Maasdam Oregon State University College of Engineering researchers...

Transmitting clear signals over long distances using nonlinear math
Tech

Transmitting clear signals over long distances using nonlinear math

Schematic view of (A) self-feedback and (B) cross-feedback systems. Dashed lines indicate...

Ransomware hackers target a new Windows security flaw to hit businesses
Tech

Ransomware hackers target a new Windows security flaw to hit businesses

Multiple ransomware groups seen abusing Windows Common Log File System bug Among...