Hi folks!

I hope you all had a wonderful week, and that you get to kick butt on this Friday. And I hope that you get a few minutes of peace, quiet and a coffee to go through this week's issue :-) Enjoy!

Dieter Van der Stock

Breaches and leaks

  • Bing had a misconfiguration that allowed for manipulation of search results and XSS injection: link.
  • GitHub had their private RSA SSH key briefly exposed and had to generate a new one: link and interesting HN thread.
  • Procter & Gamble fell victim to a ransomware attack through the GoAnywhere vulnerability: link.
  • So did Crown Resorts, an Australian gambling and entertainment company: link.
  • Twitter had source code of theirs posted to GitHub, presumably by a disgruntled employee: link.
  • ChatGPT had an issue where some users might have seen titles and first sentences of other users' chat history: link.
  • Latitude, an Australian financial company, was breached through compromised employee credentials. The last update has the number of impacted customers at 14 million: link.
  • Sun Pharma, an Indian pharmaceutical company, suffered a ransomware attack: link.
