Dropbox says hackers stole code and some API keys from 130 GitHub repositories via a phishing campaign, but its core apps and infrastructure were unaffected (Sergiu Gatlan/BleepingComputer)

Sergiu Gatlan / BleepingComputer:
The FBI and CISA say an Iranian-backed threat group hacked a US Federal Civilian Executive Branch and deployed XMRig cryptomining malware via the Log4Shell flaw  —  The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked …

Bill Toulas / BleepingComputer:
Researchers find thousands of repos on GitHub offering fake proof-of-concept exploits for various vulnerabilities, with many of them containing malware instead  —  Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept …

Sergiu Gatlan / BleepingComputer:
Microsoft says hackers used vulnerabilities in Boa web server, discontinued in 2005 but pervasive across IoT devices, to target the Indian power sector  —  Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.

Aisha Malik / TechCrunch:
TikTok begins testing its research API, announced in July, with members of its Content and Safety Advisory Councils, and is working on a content moderation API  —  Earlier this year, TikTok announced that it’s developing a research API to improve access to public and anonymized data about content and activity on its app.

Sergiu Gatlan / BleepingComputer:
LastPass says attackers accessed customers’ data after breaching its cloud storage using information stolen during a security incident in August 2022  —  LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.

Sharon Goldman / VentureBeat:
OpenAI releases DALL-E API in public beta, letting developers integrate DALL-E into their apps and products; the API is priced per image  —  Get ready, developers: Today, OpenAI released the hotly anticipated DALL-E API in public beta, which means developers can now integrate DALL-E directly into their apps and products.