leaking
-
Blog
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. The problem was discovered by security researcher Daniel Williams, who says the flaw existed on O2 UK’s network since March 27, 2017, and was resolved yesterday. O2 UK is a British…
Read More » -
Blog
GitHub Actions artifacts found leaking auth tokens in popular projects
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42 prompted action by owners of…
Read More »