DEV Community: BeyondMachines

Charter Communications Investigates Data Breach Claims Potentially Exposing 42 Million Records

BeyondMachines — Sun, 24 May 2026 16:01:08 +0000

Summary

Charter Communications is investigating a data breach claimed by the ShinyHunters group, who allege they stole 42 million customer records via compromised cloud infrastructure.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Matferline Data Breach Exposes 703,000 Student Records and Plaintext Passwords

BeyondMachines — Sun, 24 May 2026 15:01:08 +0000

Summary

Spanish road safety platform Matferline suffered a SQL injection attack that exposed the personal data and plaintext passwords of over 703,000 students across 1,200 driving schools. The stolen database, which includes DNI numbers and profile photos, is currently being sold on the dark web by a threat actor named Macaroni.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

LiteSpeed cPanel Plugin Zero-Day Exploited for Root Access

BeyondMachines — Sun, 24 May 2026 14:01:08 +0000

Summary

LiteSpeed Technologies patched a critical, actively exploited vulnerability (CVE-2026-48172, CVSS 10.0) in its cPanel plugin that allows any user to run scripts with root privileges. Attackers are currently using this flaw to gain full control over web hosting servers.

Take Action:

If you use LiteSpeed on cPanel immediately upgrade to LiteSpeed WHM Plugin version 5.3.1.0 (which includes the patched cPanel plugin v2.4.7) or temporarily uninstall the user-end plugin to prevent a complete server takeover. Run the grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null command, block suspicious IPs, and audit your system. If you can't update right away, uninstall the user-end plugin to prevent a total server takeover.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets

BeyondMachines — Sun, 24 May 2026 13:01:07 +0000

Summary

A supply chain attack on Laravel-Lang involved rewriting all git tags across four Composer packages to inject a secret-stealing payload that triggers during the PHP autoload process.

Take Action:

If your project uses any Laravel-Lang Composer packages (laravel-lang/lang, http-statuses, actions, or attributes), do not run composer update and check whether your lockfile points to a tag pulled on or after May 22, 2026. If you did, assume every secret reachable from that build environment (CI tokens, cloud keys, GitHub PATs, deploy keys, database credentials) is stolen and rotate them all immediately. Block the domain flipboxstudio.info at your DNS and firewall, and only restore builds by pinning to a pre-attack commit SHA you've verified against a local clone.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Makivvik Corporation Discloses Data Breach Exposing SSNs and Banking Details

BeyondMachines — Sun, 24 May 2026 12:01:08 +0000

Summary

Makivvik Corporation, a Canadian Inuit land claims organization, suffered a data breach in February 2026 that exposed the social insurance numbers and banking information of its employees and members.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Hartford HealthCare HUSKY Portal Data Breach Exposes 22,500 Patients

BeyondMachines — Sun, 24 May 2026 11:01:07 +0000

Summary

Hartford HealthCare and the Connecticut DSS reported a data breach affecting 22,500 HUSKY Medicaid patients after attackers used stolen employee credentials to access a provider portal.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Radiology Associates of Richmond Reports Data Breach Affecting 266,000 Patients

BeyondMachines — Sun, 24 May 2026 10:01:07 +0000

Summary

Radiology Associates of Richmond reports a data breach affecting 266,000 individuals after an unauthorized actor accessed its network in July 2025.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Osage County District Court Data Breach

BeyondMachines — Sun, 24 May 2026 09:01:06 +0000

Summary

The Osage County District Court in Kansas suffered a data breach that exposed misdemeanor probation and felony sentencing records after hackers accessed its network in August 2025.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks

BeyondMachines — Sun, 24 May 2026 08:01:06 +0000

Summary

NGINX has disclosed a critical heap buffer overflow vulnerability (CVE-2026-9256) in its rewrite module that allows unauthenticated attackers to cause denial-of-service or execute arbitrary code. The flaw, known as nginx-poolslip, affects both Open Source and Plus versions and requires immediate patching or configuration changes.

Take Action:

If you're running NGINX (Open Source or Plus), upgrade immediately to a patched version (1.30.2, 1.31.1, NGINX Plus R36 P5, R32 P7, or R37.0.1.1). If you can't patch right away, edit your config files to replace unnamed numeric capture groups (like $1, $2) in rewrite directives with named captures (like $user_id) as a temporary workaround.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

RondoDox Botnet Hijacks Over One Million ASUS Routers via 2018 Vulnerability

BeyondMachines — Sat, 23 May 2026 18:01:07 +0000

Summary

The RondoDox botnet is exploiting a critical 2018 vulnerability (CVE-2018-5999) in over one million ASUS routers to gain unauthorized control and launch DDoS attacks.

Take Action:

If you own an ASUS router, first make sure it is isolated from the internet and only accessible from trusted networks, with the management interface never exposed to the public internet. Then check if your model still receives official firmware updates and apply the latest version - if it's end-of-life, replace it with a supported model, and disable the infosvr service.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Eversource Energy Data Breach Following Phishing Attack

BeyondMachines — Sat, 23 May 2026 14:01:07 +0000

Summary

Eversource Energy disclosed a data breach affecting 3,049 customers after a phishing campaign in April 2026 allowed attackers to use stolen credentials to access sensitive files.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

German University Hospitals Suffer Data Breach via Third-Party Billing Provider

BeyondMachines — Sat, 23 May 2026 13:01:08 +0000

Summary

A third-party data breach at billing provider Unimed compromised the sensitive personal and medical information of nearly 100,000 patients across several German university hospitals.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines