Type Juggling 0==Admin Grants 847 Users ADMIN ACCESS?!
TYPE JUGGLING DISASTER! 0=='admin' returns TRUE! Password check BYPASSED! 847 users got admin access! Downloaded 2.3M customer records! $12.3M data breach lawsuit! CTO FIRED!
#php #phpdisaster #typejuggling #authenticationbypass #securitybreach #adminaccess #productionbug #phpshorts #phpwtf #0equalsadmin #careerending #databreach

PolyShell Vulnerability Exposes Adobe Commerce and Magento to Remote Code Execution
Sansec reports "PolyShell," an unrestricted file upload vulnerability (CVE-2025-20720) in Magento and Adobe Commerce that allows unauthenticated attackers to achieve remote code execution via the REST API.
**If you are using Adobe Commerce and Magento Open Source, restrict web server access to the pub/media/custom_options/ directory to prevent the execution of uploaded malicious scripts. Since a production patch is currently not available, deploy a web application firewall to block exploit attempts in real-time.**
#cybersecurity #infosec #advisory #databreach
https://beyondmachines.net/event_details/polyshell-vulnerability-exposes-adobe-commerce-and-magento-to-remote-code-execution-9-b-r-8-z/gD2P6Ple2L

MR.FRIENDLY's Instagram account hijacked through unauthorized access; warning issued about DMs and posts from the old account
#セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews #DataBreach
RB Omiya Ardija WOMEN: player Mei Hamada's X account hijacked
https://rocket-boys.co.jp/security-measures-lab/rb-omiya-ardija-women-hamada-mei-x-account-hijack/
#セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews #DataBreach
It's always interesting to see the #fraud, #phishing, and random #spam emails I receive at email addresses linked to completely different companies.
For example, I just received an email that says "Payment failed for your cloud storage renewal." That was sent to a unique email address I gave to a specific clothing brand. But that clothing brand has not notified me of any #DataBreach. 🤔
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
https://thehackernews.com/2026/03/fbi-warns-russian-hackers-target-signal.html
Short summary: https://hackerworkspace.com/article/fbi-warns-russian-hackers-target-signal-whatsapp-in-mass-phishing-attacks
Again AT&T exposes customer data in breaches without telling the customers. Last time they did this I froze all credit bureaus. I’m old, thus it took 40 yrs to be debt free & could do this. I feel for all generations behind (source Credit Karma)