A bad actor identified as EmeraldWhale was observed running a global operation that targeted exposed Git configurations — a campaign that resulted in more than 15,000 cloud service credentials stolen.The Sysdig Threat Research Team said Oct. 30 that the threat actor abused multiple…

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is