<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: BeyondMachines</title>
    <description>The latest articles on DEV Community by BeyondMachines (@bsp_beyondmachines).</description>
    <link>https://dev.to/bsp_beyondmachines</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2445503%2F3faf5e64-542b-44d9-9bb9-e5bdaa993b59.png</url>
      <title>DEV Community: BeyondMachines</title>
      <link>https://dev.to/bsp_beyondmachines</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/bsp_beyondmachines"/>
    <language>en</language>
    <item>
      <title>Moody Bible Institute Data Breach Exposes 2.3 Million Records via PeopleSoft Zero-Day</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Tue, 07 Jul 2026 11:01:08 +0000</pubDate>
      <link>https://dev.to/beyondmachines/moody-bible-institute-data-breach-exposes-23-million-records-via-peoplesoft-zero-day-54lp</link>
      <guid>https://dev.to/beyondmachines/moody-bible-institute-data-breach-exposes-23-million-records-via-peoplesoft-zero-day-54lp</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;Moody Bible Institute suffered a large-scale data breach after the ShinyHunters group exploited a zero-day vulnerability in Oracle PeopleSoft to exfiltrate 23 gigabytes of sensitive records. The incident exposed the personal information of 2.3 million individuals after the institute did not respond to extortion demands.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/moody-bible-institute-data-breach-exposes-2-3-million-records-via-peoplesoft-zero-day-w-5-s-a-2/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>Credit Acceptance Corp. Data Breach Exposes Social Security Numbers</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Tue, 07 Jul 2026 10:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/credit-acceptance-corp-data-breach-exposes-social-security-numbers-3og9</link>
      <guid>https://dev.to/beyondmachines/credit-acceptance-corp-data-breach-exposes-social-security-numbers-3og9</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;Credit Acceptance Corp. reports a data breach discovered on June 4, 2026, which exposed the names and Social Security numbers of an undisclosed number of consumers. The company has engaged cybersecurity firms for an investigation and is offering 24 months of free identity monitoring services to affected individuals.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/credit-acceptance-corp-data-breach-exposes-social-security-numbers-l-l-w-d-x/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>OPNsense Patches Critical Root Vulnerability in GeoIP Alias Importer</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Tue, 07 Jul 2026 09:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/opnsense-patches-critical-root-vulnerability-in-geoip-alias-importer-3hj9</link>
      <guid>https://dev.to/beyondmachines/opnsense-patches-critical-root-vulnerability-in-geoip-alias-importer-3hj9</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;OPNsense released critical security updates to fix a root remote code execution vulnerability (CVE-2026-57155) in its GeoIP alias importer. The update also patches several other flaws including XPath injection and stored cross-site scripting.&lt;/p&gt;

&lt;h3&gt;
  
  
  Take Action:
&lt;/h3&gt;

&lt;p&gt;Make sure your OPNsense firewall's management interface is isolated from the internet and reachable only from trusted networks, since even a low-level user with alias-editing rights can exploit this flaw. Update to OPNsense 26.1.11 or 26.4.1p1 ASAP. If you can't update immediately, lock down management access and limit alias-editing permissions to trusted administrators only.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/opnsense-patches-critical-root-vulnerability-in-geoip-alias-importer-3-g-d-c-z/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>Henry Rossi &amp; Co. Data Breach Exposes Sensitive Audit Records for Steamfitters Union</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Tue, 07 Jul 2026 08:01:09 +0000</pubDate>
      <link>https://dev.to/beyondmachines/henry-rossi-co-data-breach-exposes-sensitive-audit-records-for-steamfitters-union-bd0</link>
      <guid>https://dev.to/beyondmachines/henry-rossi-co-data-breach-exposes-sensitive-audit-records-for-steamfitters-union-bd0</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;Henry Rossi &amp;amp; Co., LLP suffered a data breach in January 2026 that exposed the names, Social Security numbers, and birth dates of 2,720 individuals associated with the Steamfitters Local #449 Medical &amp;amp; Benefit Fund.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/henry-rossi-co-data-breach-exposes-sensitive-audit-records-for-steamfitters-union-y-h-s-0-0/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>State of (in)security - Week 27, 2026</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Mon, 06 Jul 2026 18:01:08 +0000</pubDate>
      <link>https://dev.to/beyondmachines/state-of-insecurity-week-27-2026-1cp8</link>
      <guid>https://dev.to/beyondmachines/state-of-insecurity-week-27-2026-1cp8</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;During week 27 of 2026 (June 29–July 6), cybersecurity activity rose to 17 advisories and 28 incidents affecting roughly 6.6 million people, led by the 4.38 million-record Aflac Japan breach. Unauthorized access, ransomware, and software-vulnerability exploits drive most incidents. Most impacted industries are healthcare, government, and financ. The week saw reports of exploitation of critical flaws in Oracle E-Business Suite, SharePoint, and SimpleHelp RMM, and mass patches from Adobe, Apple, Google, and others. We also see the first reported end-to-end ransomware attack executed by an AI agent (JadePuffer).&lt;/p&gt;

&lt;h3&gt;
  
  
  Take Action:
&lt;/h3&gt;

&lt;p&gt;Patch your Chrome and Chromium based browsers. Iit's trivial to do: the browser updates itself when you close and reopen it, and all your tabs come back. Then focus on patching key flaws in phpBB, WebSphere, JetBrains, OpenWrt routers, Kemp LoadMaster.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/state-of-in-security-week-27-2026-u-v-8-z-8/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>Texas Hearing Institute Reports Ransomware Attack Impacting 30,000 Residents</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Mon, 06 Jul 2026 16:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/texas-hearing-institute-reports-ransomware-attack-impacting-30000-residents-3cdh</link>
      <guid>https://dev.to/beyondmachines/texas-hearing-institute-reports-ransomware-attack-impacting-30000-residents-3cdh</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;The Texas Hearing Institute suffered a ransomware attack claimed by the Interlock group, resulting in the alleged theft of 540 GB of data and compromising the personal and medical information of nearly 30,000 individuals.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/texas-hearing-institute-reports-ransomware-attack-impacting-30000-residents-g-8-r-q-b/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>FortiBleed Campaign Exposes UK Government Credentials</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Mon, 06 Jul 2026 10:01:08 +0000</pubDate>
      <link>https://dev.to/beyondmachines/fortibleed-campaign-exposes-uk-government-credentials-5bo4</link>
      <guid>https://dev.to/beyondmachines/fortibleed-campaign-exposes-uk-government-credentials-5bo4</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;Threat actors used stolen and reused credentials in a global Fortinet-focused campaign known as FortiBleed, affecting more than 86,000 devices across 194 countries including UK Government official credentials.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/fortibleed-campaign-exposes-uk-government-credentials-1-o-k-r-f/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>North Media Subsidiary SDR Hit by Unauthorized Network Access</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Mon, 06 Jul 2026 09:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/north-media-subsidiary-sdr-hit-by-unauthorized-network-access-54fk</link>
      <guid>https://dev.to/beyondmachines/north-media-subsidiary-sdr-hit-by-unauthorized-network-access-54fk</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;North Media's Swedish subsidiary, SDR Svensk Direktreklam, suffered an IT security incident involving unauthorized access to its internal infrastructure. The company is investigating potential data exposure. It continues to maintain normal business operations.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/north-media-subsidiary-sdr-hit-by-unauthorized-network-access-2-j-i-r-s/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>Woori Bank Discloses Data Leak Affecting 17,500 Customers Following Third-Party Developer Negligence</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Mon, 06 Jul 2026 08:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/woori-bank-discloses-data-leak-affecting-17500-customers-following-third-party-developer-negligence-421</link>
      <guid>https://dev.to/beyondmachines/woori-bank-discloses-data-leak-affecting-17500-customers-following-third-party-developer-negligence-421</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;Woori Bank suffered a data leak affecting 17,551 customers after an employee at an external development firm failed to delete data from a 2024 NFT project and shared it on a public platform. The bank has reported the incident to regulators and implemented fraud monitoring to protect affected individuals.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/woori-bank-discloses-data-leak-affecting-17500-customers-following-third-party-developer-negligence-z-g-e-w-w/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>WatchGuard Patches Third Critical IKEv2 RCE in Firebox Appliances</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Sun, 05 Jul 2026 08:01:07 +0000</pubDate>
      <link>https://dev.to/beyondmachines/watchguard-patches-third-critical-ikev2-rce-in-firebox-appliances-2lei</link>
      <guid>https://dev.to/beyondmachines/watchguard-patches-third-critical-ikev2-rce-in-firebox-appliances-2lei</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;WatchGuard patched a critical pre-authentication RCE vulnerability (CVE-2026-13368) in Firebox appliances. The vulnerability allows unauthenticated attackers to gain administrative control. Legacy T15 and T35 models currently do not have a patch.&lt;/p&gt;

&lt;h3&gt;
  
  
  Take Action:
&lt;/h3&gt;

&lt;p&gt;If you use WatchGuard Firebox firewalls, read the advisory in detail. Plan a very quick update to Fireware OS 2026.2.1 or 12.12.1. If you run legacy T15/T35 models, disable external LDAP authentication for IKEv2 as a temporary fix, and if you're on version 11.x, migrate to supported hardware since no patch is coming.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/watchguard-patches-third-critical-ikev2-rce-in-firebox-appliances-l-z-o-j-u/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>IBM Patches High-Severity XSS Flaws in WebSphere Application Server</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Sat, 04 Jul 2026 10:01:46 +0000</pubDate>
      <link>https://dev.to/beyondmachines/ibm-patches-high-severity-xss-flaws-in-websphere-application-server-4d43</link>
      <guid>https://dev.to/beyondmachines/ibm-patches-high-severity-xss-flaws-in-websphere-application-server-4d43</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;IBM released security updates for WebSphere Application Server to fix three cross-site scripting vulnerabilities, including a high-severity flaw on the login page that allows attackers to hijack administrative sessions.&lt;/p&gt;

&lt;h3&gt;
  
  
  Take Action:
&lt;/h3&gt;

&lt;p&gt;Restrict access to your WebSphere administrative console so it's only reachable from trusted internal networks, and enable multi-factor authentication on all admin accounts. Then apply IBM's interim fix for APAR PH71757 ASAP, and plan to upgrade to Fix Pack 9.0.5.29 (for version 9.0) or 8.5.5.30 (for version 8.5) as soon as they're released.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/ibm-patches-high-severity-xss-flaws-in-websphere-application-server-a-s-e-6-q/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
    <item>
      <title>JetBrains Patches Multiple Flaws Including Critical Across Their App Ecosystem</title>
      <dc:creator>BeyondMachines</dc:creator>
      <pubDate>Sat, 04 Jul 2026 09:01:46 +0000</pubDate>
      <link>https://dev.to/beyondmachines/jetbrains-patches-multiple-flaws-including-critical-across-their-app-ecosystem-4mdn</link>
      <guid>https://dev.to/beyondmachines/jetbrains-patches-multiple-flaws-including-critical-across-their-app-ecosystem-4mdn</guid>
      <description>&lt;h3&gt;
  
  
  Summary
&lt;/h3&gt;

&lt;p&gt;JetBrains released security updates for 16 vulnerabilities across its on-premise ecosystem, including critical authentication bypass and remote code execution flaws in Hub, YouTrack, and TeamCity. These vulnerabilities allow attackers to hijack administrative accounts and compromise development environments/&lt;/p&gt;

&lt;h3&gt;
  
  
  Take Action:
&lt;/h3&gt;

&lt;p&gt;If you run any on-premise JetBrains servers (Hub, YouTrack, TeamCity, or IntelliJ-based IDEs), update every one of them to the fixed versions. There are multiple critical flaws which will be exploited very soon. After updating TeamCity, rotate all your build tokens and credentials to lock out anyone who may have already gotten in.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;&lt;a href="https://beyondmachines.net/event_details/jetbrains-patches-multiple-flaws-including-critical-across-their-app-ecosystem-t-l-v-a-n/9uoJWdGwxq" rel="noopener noreferrer"&gt;Read the full article on BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://beyondmachines.net" rel="noopener noreferrer"&gt;BeyondMachines&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>infosec</category>
    </item>
  </channel>
</rss>
