BeyondMachines
Author ProfileClaim This Author Profile
Prove ownership by publishing #HashtagPLUS and this profile link on your author page or an article under your byline. A moderator or admin will review the request before it merges into your real HashtagPLUS username.
π dev.toSource
MyPillow allegedly suffered a data breach after the Play ransomware group claimed a breach and leaked 9.8 GB of sensitive internal data, including Social Security numbers and financial records.
π dev.toSource
WP Maps Pro versions 6.1.0 and earlier contain a critical vulnerability (CVE-2026-8732) that allows unauthenticated attackers to create administrator accounts and take full control of WordPress sites.
Brisbane Accounting Firm Kennedy McLaughlin Confirms Cyber Incident Following Qilin Ransomware Claim
π dev.toSource
Kennedy McLaughlin & Associates, an Australian accounting firm, confirmed a data breach after the Qilin ransomware group published stolen client financial records and internal company data.
π dev.toSource
Oracle's May 2026 Critical Security Patch Update addresses 35 vulnerabilities, including 11 critical flaws with CVSS scores up to 10.0. Some vulnerabilities allow unauthenticated remote attackers to compromise systems.
π dev.toSource
7-Zip version 26.00 and earlier contain a critical heap buffer overflow (CVE-2026-48095) in the NTFS handler that allows attackers to execute arbitrary code via a crafted archive. The flaw is extension-agnostic and can be triggered simply by opening a malicious file.
π dev.toSource
New Zealand health supplement manufacturer Alpha Group Holdings has been listed on the Qilin ransomware leak site, though no stolen data has been published to verify the claim. The incident highlights the ongoing threat of Ransomware-as-a-Service groups targeting high-value intel
π dev.toSource
UK Visa Portal exposed over 100,000 sensitive documents, including passports and selfies, due to a misconfigured Amazon S3 bucket and a backend website bug.
π dev.toSource
Carnival Corporation reported a data breach resulting from a social engineering attack on an employee account that exposed names, addresses, and government identification numbers.
π dev.toSource
Rich Products Corporation reported a data breach affecting approximately 200 individuals after a phishing attack compromised a third-party vendor's employee email account.
π dev.toSource
Gogs is reported to have a critical unpatched authenticated RCE vulnerability (CVSS 9.4) that allows users to execute arbitrary code via malicious branch names during rebase operations. The flaw enables full server compromise, data theft, and supply chain attacks on Linux, Window