The Internet Archive experienced three security breaches in October 2024 due to exploited unrotated Zendesk API tokens. The first breach occurred on October 9, with a data breach and DDoS attack from a pro-Palestinian group affecting 31 million users. A second breach in mid-October saw additional unrotated access tokens exploited. The third and latest breach arose from the same issues, causing additional damage. The breaches highlight the Internet Archive’s lack of proper token management and its susceptibility to repeat attacks.
Hackers Exploiting YouTube to Deliver Malware Bypassing Antivirus Detections
Cybercriminals are utilizing YouTube to spread malware, specifically an info-stealing variant named Lumma Stealer which can extract sensitive data. Assailants take over well-known YouTube channels,
