Skip to content
Security

Oxford University Hit by Second Data Breach in a Month

tldr / infosec 20h ago 8

Oxford University has disclosed its second data breach in as many months after hackers targeted the CareerConnect platform on May 28, exposing full names, email addresses, and encrypted passwords for alumni, research staff, and recruiters. The university said the exploited security vulnerability has been patched and forcibly reset affected passwords, while the platform provider suggested the attack appeared aimed at gathering credentials for phishing. Because the underlying TargetConnect software serves multiple universities, the incident raises concerns about whether other institutions may also be affected.

Read full article →

More Security

Anthropic embeds engineers in NSA to deploy Mythos for offensive cyber operations

tldr / ai 20h ago 9

Anthropic embedded engineers in the NSA to deploy its unreleased Mythos AI for offensive cyber operations, even as it sues the Pentagon over military AI restrictions.

GitHub scrubs 70+ Microsoft repos as Miasma worm breaks CI/CD pipelines

theregister / security 6h ago 9

GitHub disabled 70+ Microsoft repos in under two minutes after the Miasma worm infected projects via compromised commits, breaking CI/CD pipelines and triggering RCE in developer tools.

Ubiquiti Patches Critical UniFi OS Flaws Enabling Unauthenticated Root RCE

tldr / infosec 20h ago 9

Ubiquiti patched three critical UniFi OS flaws that chain into unauthenticated root RCE with CVSS 10.0 scores, requiring immediate patching and full credential rotation.