kriware Aug 17, 2025

Zero-Click NTLM Patch Bypass (CVE-2025-50154)

A zero-click NTLM credential leak exploit bypasses Microsoft’s patch, exposing NTLM hashes and silently staging binaries on patched systems.

https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/

#NTLM #credentialleak

Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154) 

Learn about CVE-2025-50154 and its risk of NTLM attacks and RCE even after Microsoft’s fix for CVE-2025-24054.

Cymulate
The DefendOps DiariesJun 19, 2025

16 billion credentials exposed—from your favorite tech giants to government sites. This isn’t just another hack; it’s a wake-up call that proves our digital defenses may be outdated. How secure are you really?

https://thedefendopsdiaries.com/understanding-the-16-billion-credentials-leak-causes-and-consequences/

#credentialleak
#cybersecurity
#databreach
#infostealer
#passwordsecurity

EvostrixDec 13, 2024
Prometheus Security Breach 300K Instances Expose Credentials and API Keys
Today, we're diving into the alarming news of a massive security breach involving Prometheus, a popular monitoring and alerting tool used by countless organizations worldwide
#PrometheusSecurity #DataBreach #CyberSecurity #APIKeys #CredentialLeak #InformationSecurity #DataProtection #SecurityIncident #CyberThreat #TechNews #hack #security #news #privacy #leaks
https://cloudhosting.evostrix.eu/prometheus-security-breach-300k-instances-expose-credentials-and-api-keys/
smegJun 10, 2024
New York Times source code stolen using exposed GitHub token
https://www.bleepingcomputer.com/news/security/new-york-times-source-code-stolen-using-exposed-github-token/ #databreach #sourcecode #credentialleak #infosec
New York Times source code stolen using exposed GitHub token

Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer.

BleepingComputer
ITSEC NewsOct 26, 2020
Containerd Bug Exposes Cloud Account Credentials - The flaw (CVE-2020-15157) is located in the container image-pulling process. https://threatpost.com/containerd-bug-cloud-account-credentials/160546/ #containerimage-pulling #googlecomputeplatform #securityvulnerability #vulnerabilities #credentialleak #cve-2020-15157 #cloudsecurity #cloudaccounts #hostregistry #containerd #bug
Containerd Bug Exposes Cloud Account Credentials

The flaw (CVE-2020-15157) is located in the container image-pulling process.

Threatpost - English - Global - threatpost.com