Resecurity
-
Public appsettings.json leak exposes Azure AD credentials, enabling potential cloud access
Researchers from Resecurity’s HUNTER team warn that a publicly accessible appsettings.json file leaked Azure AD credentials (ClientId and ClientSecret), potentially enabling attackers to authenticate via OAuth 2.0 and access an organization’s Azure cloud resources; the incident underscores the ongoing risk of cloud-secret exposure and the need for strong secret-management practices.
-
Cybersecurity Firm Exposes Ransomware Infrastructure, Protects Victims
Cybersecurity firm Resecurity has successfully infiltrated and dismantled the infrastructure of the BlackLock ransomware gang, providing critical alerts to victims ahead of planned data leaks.
