Tag: security incident
-
OpenAI Users Warned of Phishing Risk After Mixpanel Analytics Provider Breach
OpenAI has disclosed a security incident at the third-party web-analytics provider Mixpanel that affected a subset of users of the platform.openai.com API service. The event did not involve any breach of OpenAI’s own systems, nor any exposure of chats, passwords, or API keys. Only a limited set of analytics data was compromised, yet the company…
-
Xubuntu Download Page Hacked: Malicious File Distributed for Several Days
The Xubuntu team has released detailed information about the October incident during which the downloads page at https://xubuntu.org/download/ distributed a malicious file for several days instead of the usual torrent links. According to the report, an attacker gained access to the site by brute-forcing the password to a vulnerable WordPress component installed by Canonical for…
-
Token Leak: Eclipse Revokes Exposed Keys to Halt Open VSX Supply Chain Attacks
The Eclipse Foundation has revoked several compromised access tokens associated with publishing extensions to the open Open VSX repository. The investigation was prompted by a report from Wiz, a company specializing in cloud security. In early October, Wiz researchers discovered that certain Visual Studio Code extensions, hosted both in Microsoft’s official marketplace and in Open…
-
F5 Networks Breached by Nation-State Actor, BIG-IP Source Code and Undisclosed Vulnerabilities Stolen
F5 has disclosed a serious cybersecurity incident involving the compromise of its internal systems, including the BIG-IP development environment and engineering knowledge bases. According to the company’s investigation, the breach was carried out by a highly sophisticated, state-sponsored threat actor that operated stealthily and maintained prolonged unauthorized access to F5’s infrastructure. The malicious activity was…
-
Asahi Suffers Cyberattack, Paralyzing Its Japanese Supply and Distribution Network
Japanese brewing giant Asahi Group Holdings has reported a severe disruption of its internal systems, triggered by a cyberattack. The company confirmed that the incident affected only its Japanese divisions, completely paralyzing its distribution network and forcing a temporary shutdown of its call center. While restoration efforts are underway, only previously shipped beverage stocks remain…
-
Dell Confirms Cybersecurity Breach: WorldLeaks Claims 1.3TB Data Exfil, But Dell Says “No Real Value”
Dell has officially confirmed a cybersecurity breach and subsequent data leak within its IT environment, while emphasizing that the compromised files hold no real value. According to the company, the leaked data primarily consists of synthetic datasets used within a test infrastructure. On Monday, July 21, the group WorldLeaks—formerly known as Hunters International—published a statement…
-
CoinDCX Hacked for $44 Million in Crypto: Internal Account Breached, User Funds Safe
This past weekend, Indian cryptocurrency platform CoinDCX suffered a large-scale cyberattack, resulting in the theft of over $44 million in digital assets. The breach affected only the company’s internal operational account, with user funds reportedly remaining untouched, according to co-founders Neeraj Khandelwal and Sumit Gupta. Signs of the incident first appeared on the co-founders’ social…
-
BigONE Crypto Exchange Hacked for $27 Million: Funds Being Laundered, Users Reassured
The cryptocurrency exchange BigONE has fallen victim to a cyberattack that resulted in the theft of digital assets valued at $27 million. The breach occurred during the night of July 16, when the platform’s security systems detected suspicious activity linked to unusual fund movements within its hot wallet. An ensuing investigation confirmed that the incident…