news
Security Leftovers
-
Security Week ☛ Plex Urges Password Resets Following Data Breach
Hackers accessed emails, usernames, password hashes, and authentication data stored in a Plex database.
-
Security Week ☛ Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion
The industrial cybersecurity firm will become a wholly owned subsidiary of Mitsubishi Electric.
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (kernel and kernel-rt), Debian (openafs and qemu), Fedora (buildah, containers-common, podman, python-flask, and snapshot), Mageia (postgresql, python-django, and udisks2), Oracle (kernel and libxml2), Red Hat (apache-commons-beanutils, firefox, httpd, httpd:2.4, kernel, kernel-rt, mod_http2, qt5-qt3d, and thunderbird), Slackware (libxml2), SUSE (firebird, go1.25-openssl, ImageMagick, microcode_ctl, netty, netty-tcnative, and ovmf), and Ubuntu (libetpan and postgresql-14, postgresql-16, postgresql-17).
-
Security Week ☛ 160,000 Impacted by Wayne Memorial Hospital Data Breach
In May 2024, hackers stole names, Social Security numbers, financial information, and protected health information from the hospital’s systems.
-
Security Week ☛ Adobe Patches Critical ColdFusion and Commerce Vulnerabilities
Adobe has patched nearly two dozen vulnerabilities across nine of its products with its September 2025 Patch Tuesday updates.
-
Security Week ☛ Exposed Docker Hey Hi (AI) Likely Exploited to Build Botnet
Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API.
-
Security Week ☛ SAP Patches Critical NetWeaver Vulnerabilities
The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation.
-
Security Week ☛ Threat Actor Connected to Play, RansomHub and DragonForce Ransomware Operations
The attacker deployed multiple malware families, including two backdoors and a proxy tunneller, and various reconnaissance tools.