📰 MOVEit Automation Hit with Critical 9.8 CVSS Auth Bypass Flaw (CVE-2026-4670)

🚨 URGENT PATCH: A critical 9.8 CVSS auth bypass (CVE-2026-4670) is found in MOVEit Automation. Attacker could gain admin control. Given MOVEit's history, this is a major risk. Upgrade immediately! #MOVEit #CyberSecurity #Vulnerability #PatchNow

🔗 https://cyber.netsecops.io

RE: https://mastodon.thenewoil.org/@thenewoil/116521854644786619

Those of you still using #MOVEit might want to take note of this new Auth Bypass 😕🤦‍♂️

#AuthBypass

#Progress warns of critical #MOVEit Automation auth bypass flaw

https://www.bleepingcomputer.com/news/security/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw/

#cybersecurity

New York Fines Delta Dental $2.25M for MOVEit Hack Violations

Delta Dental of New York has been fined $2.25 million by the New York Department of Financial Services for its handling of a massive data breach involving hackers stealing around 60,000 files from its MOVEit servers in 2023. The hefty penalty highlights the importance of robust cybersecurity measures to protect sensitive information.

https://osintsights.com/new-york-fines-delta-dental-225m-for-moveit-hack-violations?utm_source=mastodon&utm_medium=social

#Moveit #DataBreach #SupplyChain #Ransomware #NewYork

DATE: May 4, 2026 at 03:15PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

#NY Fines @DeltaDentalins $2.25M Over 2023 #MOVEit Hack https://t.co/7dhhqcOoyj @ProgressSW

Here are any URLs found in the article text:

https://t.co/7dhhqcOoyj

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

The NYS Department of Financial Services announced that they settled charges against Delta Dental Insurance Co. and Delta Dental of New York stemming from the 2023 Clop/MOVEit data breach.

The state's investigation found that Delta had violated NYS cybersecurity regs in a number of ways.

Delta has agreed to pay $2.25 million, none of which can be paid by their insurers and they can accept any reimbursement for the payment from any source.

I wonder how many other MOVEit customers who do business in New York are also dealing with NYSDFS.

https://databreaches.net/2026/05/01/nysdfs-secures-2-25-million-cybersecurity-settlement-with-delta-dental/

#databreach #hackandleak #supplychain #0day #DeltaDental #MOVEit #Clop #NYSDFS

@campuscodi @zackwhittaker

MoveIT, la vulnérabilité qui refuse de prendre sa retraite. Chaque nouvelle vague d'exploitation nous rappelle que le cycle patch → test → déploiement mérite vraiment d'être au cœur de nos priorités — pas juste dans le backlog.

La bonne nouvelle : on sait exactement quoi faire. Il ne reste plus qu'à le faire. 🔧

#infosec #MoveIT #patchmanagement
https://www.pwndefend.com/2026/05/01/i-like-to-moveit-moveit/

📰 MOVEit Automation Hit with Critical 9.8 CVSS Auth Bypass Flaw (CVE-2026-4670)

🚨 URGENT PATCH: A critical 9.8 CVSS auth bypass (CVE-2026-4670) is found in MOVEit Automation. Attacker could gain admin control. Given MOVEit's history, this is a major risk. Upgrade immediately! #MOVEit #CyberSecurity #Vulnerability #PatchNow

🔗 https://cyber.netsecops.io