• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
reddit suffers security breach exposing internal documents and source code

Reddit Suffers Security Breach Exposing Internal Documents and Source Code

You are here: Home / General Cyber Security News / Reddit Suffers Security Breach Exposing Internal Documents and Source Code
February 10, 2023

Well-known social news aggregation platform Reddit has disclosed that it was the target of a security incident that enabled unidentified menace actors to gain unauthorized obtain to interior paperwork, code, and some unspecified organization methods.

The company blamed it on a “complex and very-specific phishing attack” that took area on February 5, 2023, targeting its staff members.

The attack entailed sending out “plausible-sounding prompts” that redirected to a web site masquerading as Reddit’s intranet portal in an try to steal credentials and two-factor authentication (2FA) tokens.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


A solitary employee’s credentials is reported to have been phished in this fashion, enabling the risk actor to accessibility Reddit’s interior devices. The influenced personnel self-reported the hack, it additional extra.

The organization, nonetheless, stressed that there is no evidence to counsel that its creation devices ended up breached or that users’ non-public info has been compromised. There is no sign that the accessed information has been released or distributed online.

“Exposure provided restricted call data for (at this time hundreds of) business contacts and workers (current and former), as very well as constrained advertiser info,” Reddit explained.

It additional pointed out “comparable phishing attacks have been not long ago noted” without having using any specific names. It did not disclose what resource code was accessed pursuing the security lapse.

The advancement is still a further indication as to how danger actors are more and more getting means to defeat 2FA by setting up lookalike web pages that are capable of pulling off adversary-in-the-middle (AitM) attacks.

Located this short article appealing? Observe us on Twitter  and LinkedIn to read through much more distinctive articles we put up.


Some sections of this post are sourced from:
thehackernews.com

Previous Post: «Cyber Security News #SOOCon23: Open Source Tools can Automate SBOM Requirements
Next Post: U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks u.k. and u.s. sanction 7 russians for trickbot, ryuk, and»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
  • Securing Data in the AI Era
  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
  • Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
  • Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
  • Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
  • What Security Leaders Need to Know About AI Governance for SaaS

Copyright © TheCyberSecurity.News, All Rights Reserved.