CVE-2025-27643

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006...

CVE-2025-27643

CVE-2025-27643 affects Vasion Print (formerly PrinterLogic) prior to Virtual Appliance Host 22.0.933 and Application 20.0.2368. Root cause: a hardcoded AWS API key (V-2024-006) exposed in the product. Impact: potential unauthorized access to AWS credentials, with CVSS 3.1 score of 9.8 (network, l...

PT-2025-9750 · Unknown · Vasion Print

Name of the Vulnerable Software and Affected Versions: Vasion Print formerly PrinterLogic versions prior to Virtual Appliance Host 22.0.933 Application 20.0.2368 Description: The issue concerns a hardcoded AWS API key. Recommendations: For versions prior to Virtual Appliance Host 22.0.933...

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub revealed details tied to last week’s incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. “We do not believe the attacker obtained these tokens via a compromise of GitHub or its systems because the tokens in question are not stored by GitHub in thei...

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. "An attacker abused stolen OAuth user tokens issued to two third-party...

Information Disclosure

pact-js is vulnerable to information disclosure. Logs containing confidential information such as an AWS API Key are written into the log file in plain text as warnings when customProviderHeaders is used. This could potentially allow a local attacker to retrieve the information and perform furthe...