TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
WeLiveSecurity

Facebook: No evidence attackers used stolen access tokens on third-party sites

Facebook has announced that it found no evidence that attackers had used stolen account access tokens on other websites or apps that enable users to access their accounts using Facebook Login. This ...
glamsham.com

Hackers stole customer access tokens from Okta’s support unit, admits firm

Identity and access company Okta has identified “adversarial activity” that leveraged access to a stolen credential to access Okta’s support case management system. The threat actor was able to view ...
AppleInsider

How Apple could kill CAPTCHAs with Private Access Tokens

Apple demoed technology at WWDC 2022 called Private Access Tokens — and they could potentially kill CAPTCHAs once and for all. Private Access Tokens (PAT) can prove when an HTTP request is coming from ...
Threat Post

Leaky Access Tokens Exposed Amazon Photos of Users

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents. The Amazon Photos app for Android insufficiently protected user access tokens, according to ...
TechCrunch

Okta says hackers stole customer access tokens from support unit

Identity and access giant Okta said a hacker broke into its customer support ticket system and stole sensitive files that can be used to break into the networks of Okta’s customers. Okta chief ...