Ars Technica

WordPress plugin installed on 1 million+ sites logged plaintext passwords

All-In-One Security, a WordPress security plugin installed on more than 1 million websites, has issued a security update after being caught three weeks ago logging plaintext passwords and storing them ...
Bleeping Computer

Chrome extensions can steal plaintext passwords from websites

A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website's source code. An ...
Bleeping Computer

Bitbucket artifact files can leak plaintext authentication secrets

Update 5/21/24: Added Atlassian statement to the bottom of the article. Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact ...
Dark Reading

Fortanix Builds Hardware Security Wall Around Plaintext Search

Fortanix is bringing hardware security technology to database search with Confidential Data Search, with the goal to help organizations process highly sensitive data in databases. Fortanix's ...
Android

Meta slapped with $102 million fine for storing passwords in plaintext

Meta is facing a fine of $102 million for storing some users’ passwords in “plaintext”. The social media giant has admitted to poor password management. The Irish Data Protection Commission (DPC) has ...