Category: Kamban

A critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to gain administrator privileges on the machine. The security issue is identified as CVE-2024-6800 and received a 9.5 severity rating as per the CVSS 4.0 standard. It is described as an XML signature wrapping problem that occurs…

Toyota confirmed that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum. “We are aware of the situation. The issue is limited in scope and is not a system wide issue,” Toyota told BleepingComputer when asked to validate the…

The Cannon Corporation dba CannonDesign is sending notices of a data breach to more than 13,000 of its clients, informing that hackers breached and stole data from its network in an attack in early 2023. CannonDesign is a multi-awarded architectural, engineering, and consulting firm based in the United States, recognized for its work on high-profile projects such…

American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities. Headquartered in Chandler, Arizona, the company has roughly 123,000 customers across multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing markets. Due to an incident, some Microchip Technology manufacturing…

Microsoft has launched a new unified Teams application that allows Windows and Mac users to switch between personal, work, and education accounts without installing multiple apps. The new Microsoft Teams app also helps users switch between accounts without signing out and signing in again and allows them to join meetings without logging into an account.…

Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university’s Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). CVE-2024-4577 is a critical PHP-CGI argument injection flaw patched in June that impacts PHP installations running on Windows systems with PHP running in CGI mode. It allows unauthenticated…

Oregon Zoo is informing that visitors who purchased tickets online between December and June had their payment card information compromised. Formerly Portland Zoo and Washington Park Zoo, Oregon Zoo is a 64-acre zoo owned by the regional Metro government. It is home to 1,800 animals from 232 species, including 28 on the endangered and threatened list. It…

According to user reports following this month’s Patch Tuesday, the August 2024 Windows updates are breaking dual boot on Linux systems with Secure Boot enabled. This issue is caused by Microsoft’s decision to apply a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability,…

A hacker compromised Unicoin’s Google Workspace (formerly G-Suite) account and changed the passwords for all company employees, locking them out of their corporate accounts for days. Unicoin is an asset-backed, audited, and publicly reporting cryptocurrency project. It is the official token of the “Unicorn Hunters” business series, focused on providing novel investment opportunities. In a…