acct Νοέμβριος 27, 2025 #341 Νοέμβριος 27, 2025 OpenAI confirms new data breach, exposing names, emails, more | Windows Central WWW.WINDOWSCENTRAL.COM OpenAI is sending out emails this morning to confirm that a ton of user data has been exposed owing to a breach in a third-party web... Quote Another day, another security breach. This time, it's OpenAI's turn. Today, users are waking up to discover emails from OpenAI's security team, confirming more security issues at the company. This one is a bit more egregious than previous breaches, exposing emails, names, and approximate locations of an undisclosed number of users. OpenAI claims that ChatGPT users were unaffected, with chat content, API usage, passwords, payment details, and government IDs remaining safe. However, users of OpenAI's API interfaces at platform.openai.com have seen a variety of data exposed in this latest breach. Here's what OpenAI claims has been exposed: Names provided to accounts on platform.openai.com Email addresses linked to the API accounts via platform.openai.com "Coarse approximate location" determined by IP address and web browser OS and browser type, as well as referring websites Organizataions and user IDs saved into the API accounts 1 1
minast Δεκέμβριος 19, 2025 #342 Δεκέμβριος 19, 2025 North Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true location | Tom's Hardware WWW.TOMSHARDWARE.COM A barely perceptible keystroke delay was the smoking gun that led to the uncovering of a malign imposter. 1
EraserheadX Φεβρουάριος 2 Author #343 Φεβρουάριος 2 Notepad++ Hijacked by State-Sponsored Hackers | Notepad++ NOTEPAD-PLUS-PLUS.ORG 3
acct Φεβρουάριος 2 #344 Φεβρουάριος 2 1 hour ago, EraserheadX said: Notepad++ Hijacked by State-Sponsored Hackers | Notepad++ NOTEPAD-PLUS-PLUS.ORG Είναι λίγο εκνευριστική η ενημέρωση. Καταρχάς είναι γεμάτη τυπογραφικά. Προσπερνώντας τα: Quote Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests. The incident began from June 2025. Multiple independaent security researchers have assessed that the threat acotor is likely a Chinese state-sponsored group, which would explain the highly selective targeting obseved during the campaign. Πόσους χρήστες, ποιους, τι είδους δεδομένα; Καταλαβαίνω ότι δεν μπορούν να δημοσιοποιήσουν τα πάντα, αλλά χρειάζονται περισσότερες πληροφορίες για να καταλάβει κανείς πώς μπορεί να έχει εκτεθεί... 2
astrolabos Φεβρουάριος 2 #345 Φεβρουάριος 2 8 ώρες πριν, το μέλος acct έγραψε: Είναι λίγο εκνευριστική η ενημέρωση. Καταρχάς είναι γεμάτη τυπογραφικά μπορείς να τη διαβάσεις και εδώ 1
minast Δευτέρα at 01:26 μμ #346 Δευτέρα at 01:26 μμ Ερευνητές μελέτησαν την ασφάλεια δημοφιλών password managers, ειδικά υπό το πρίσμα παραβιασμένου server που φιλοξενούνται οι κωδικοί. Εδώ η ανακοίνωση: Password managers less secure than promised ETHZ.CH Researchers from ETH Zurich have discovered serious security vulnerabilities in three popular, cloud-based password managers... Εδώ το άρθρο που δημοσίευσαν: https://eprint.iacr.org/2026/058.pdf Και εδώ η απάντηση της BitWarden για τα ευρήματα που την αφορούσαν: Security through transparency: ETH Zurich audits Bitwarden cryptography against malicious server scenarios | Bitwarden BITWARDEN.COM A new in-depth security report is available, continuing the Bitwarden commitment to transparency and trusted open source security. The... 2
acct 2 ώρες πριν #347 2 ώρες πριν Microsoft’s ‘unhackable’ Xbox One has been hacked by 'Bliss' — the 2013 console finally fell to voltage glitching, allowing the loading of unsigned code at every level | Tom's Hardware WWW.TOMSHARDWARE.COM This console had remained a fortress since its launch over a decade ago. Quote Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pin(s) the hacker targeted the momentary collapse of the CPU voltage rail. This was quite a feat, as Gaasedelen couldn’t ‘see’ into the Xbox One, so had to develop new hardware introspection tools. Eventually, the Bliss exploit was formulated, where two precise voltage glitches were made to land in succession. One skipped the loop where the ARM Cortex memory protection was setup. Then the Memcpy operation was targeted during the header read, allowing him to jump to the attacker-controlled data. As a hardware attack against the boot ROM in silicon, Gaasedelen says the attack in unpatchable. Thus it is a complete compromise of the console allowing for loading unsigned code at every level, including the Hypervisor and OS. Moreover, Bliss allows access to the security processor so games, firmware, and so on can be decrypted.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now