Security News
The online forum OpenAI employees use for confidential internal communications was breached last year, anonymous sources have told The New York Times.Hackers lifted details about the design of the company's AI technologies from forum posts, but they did not infiltrate the systems where OpenAI actually houses and builds its AI. OpenAI executives announced the incident to the whole company during an all-hands meeting in April 2023, and also informed the board of directors.
E-commerce platform Shopify denies it suffered a data breach after a threat actor began selling customer data they claim was stolen from the company's network. [...]
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security...
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to...
BleepingComputer has verified that the helpdesk portal of a router maker is currently sending MetaMask phishing emails in response to newly filed support tickets, in what appears to be a compromise. Support tickets acknowledged with MetaMask phishing.
Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in an previous cyberattack. CDK Global is a software-as-a-service platform that provides a full suite of applications to handle a car dealership's operation, including sales, back office, financing, inventory, and service and support.
IntelBroker describes the data they're selling as "Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms." Recently, IntelBroker has been rapidly releasing new data breaches, and if they all used this cloud provider, it could explain where all the data is coming from.
Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device. Ascension says this was likely an "Honest mistake" as the employee thought they were downloading a legitimate file.
ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies and promoting events and educational programs for enthusiasts around the country. "We still don't know what they haven't told us and maybe it is important, maybe not," a member posted to the 'My ARRL Voice' Facebook group.
Zscaler says that today's rumors it was breached are false after a threat actor claimed to be selling access to one of the "Largest cyber security companies." In a Wednesday afternoon post, Zscaler said its ongoing investigation has shown no evidence that they were breached.