🏠Home 🚨Threats 🧩Insight 📚Books 🎬Weekly Intel

🏷️ #university of pennsylvania

1 thread tagged with “university of pennsylvania”

University of Pennsylvania Breach - 1.2M Donor Records Exposed

A single compromised PennKey SSO account gave attackers full run of UPenn's infrastructure—VPN access, Salesforce Marketing Cloud, Qlik analytics, SAP BI, and SharePoint. What's brutal: threat actors …

Category: Industry News / Privacy & Data Protection / Privacy & Data Protection

#university-of-pennsylvania#data-breach#donor-data#salesforce#phishing#sso#crm

Explore More Tags

#2fa #7zip #a2a-protocol #aardvark #account-security #acl #acsc #ad #adobe #advisory #agent-authentication #agent-smuggling #agentic-ai #agents #ai #ai-agents #ai-assisted-attacks #ai-enabled-threats #ai-native #ai-poisoning #ai-powered-attacks #ai-ransomware-claims #ai-security #airlines #aisuru #akira #akira-ransomware #alert #amd #android #android-security #anomali #anubis #anydesk #apache #apache-openoffice #apache-tika #api-security #appsec #apt #apt28 #apt36 #apt44 #arcgis #asm #ato #att #attck #aura_stealer #auth-bypass #automated-patching #automated-remediation #automation #automotive #autonomous-systems #aviation #awareness #aws #aws-ses-abuse #azure #azurehound #badcandy #banking #banking-malware #banking-trojan #benchmarking #bfsi #big-ip #bind9 #bitsight #blacksuit #blink #blob-storage #blockchain #bloodhound #board-governance #bopla #botnet #brash #breach #breakout-time #broadcom #broken-authorization #browser #brute-force #bulletproof-hosting #burp #business-email-compromise #c2 #cache-poisoning #canada #cdr #cellebrite #cert #chainguard #chaos #chatgpt #check-point #china #chrome #chromium #ci-cd #cisa #cisa-guidance #cisco #cisco-asa #cisco-talos #clickfix #clickjacking #clop #cloud #cloud-credential-theft #cloud-hybrid-security #cloud-native #cloud-security #cloudflare-blocked #cmmc #cms #cnapp #cofense #coinimp #coldriver #collatz #collins-aerospace #compliance #conduent #confidential-computing #configurator #consul #cookies #copilot #credential-harvesting #credential-leak #credential-stuffing #credential-theft #credentials #criminalip #critical-infrastructure #critical-update #crm #crowdstrike #crypto #crypto-targeting #cryptocurrency-clipper #cryptography #cti #custom-malware #cve #cve-2023-20198 #cve-2024-1086 #cve-2025-11375 #cve-2025-12444 #cve-2025-30388 #cve-2025-40778 #cve-2025-43995 #cve-2025-47984 #cve-2025-48384 #cve-2025-49844 #cve-2025-53766 #cve-2025-54918 #cve-2025-55320 #cve-2025-55752 #cve-2025-55754 #cve-2025-59287 #cve-2025-59295 #cve-2025-61884 #cve-2025-61932 #cve-2025-6204 #cve-2025-6205 #cve-2025-62168 #cve-2025-6325 #cve-2025-6327 #cve-2025-6950 #cve-2025-8941 #cve-2025-9242 #cve-2025-9491 #cwpp #cybercrime #cyberslop #daily-brief #dark-web #dassault #data-breach #data-exfiltration #data-extortion #data-protection #data-sovereignty #data-theft #ddos #debian #deepfake #deepfakes #defender-for-storage #defense #defense-evasion #defi #dell #delmia #deserialization #deskrat #detection #developer-targeting #device-encryption #devsecops #dfars #dfir #digital-defense-report #disclosure-gap #discord-webhooks #dkim-misuse #dlp #dns #documents #dod #donor-data #dos #double-extortion #downtime #doxing #doxxing #dprk #dragos #dublin-airport #dynamodb #e-commerce #eaas #ebs #ece #ecommerce #edge #edge-devices #edr-evasion #elastic #elementor #email-infrastructure #email-security #emerging-tech #emf-plus #encryption #endpoint #energy #entra-id #enumeration #eol #eop #espionage #esxi #ethereum-c2 #europe #european-threat-landscape #europol #everest #evil-corp #exchange #exchange-server-security #executive-protection #exfiltration #explainable-ai #exploit #exploit-mitigation #exposure #exprtai #extortion #f5 #fancy-bear #file-upload #financial-cybercrime #financial-fraud #financial-sector #fintech #fips #fireware #forensics #fortiguard-labs #fortinet #framework #fraud #fuzzing #gaming #genai #geopolitical-risk #geopolitics #ghost-network #ghostsecurity #git #gitlab #gmail #google #google-ads #google-tag #government #gps-spoofing #gpt-5 #grapheneos #grpc #gstreamer #ha #hacktivism #hardware #hardware-security #hash #hash-functions #hashicorp #healthcare #hibp #higher-education #hipaa #hitl #holdinghands_rat #homomorphic-encryption #honeypot #hooks #hunting #hypervisor #iacr #iam #icloud #ics #ics-attacks #ide #identity #identity-theft #ikev2 #imo #impersonation #incident-response #india #industrial #industrial-security #information-disclosure #infostealer #injunction #insider-threat #intel #ios #ios-xe #iot #iran #isc #jabber-zeus #japan #javascript #jewelbug #jinjava #jwt #kaslr-bypass #kentico #kerberos #kernel #kev #kpir #l3harris #lanscope #lapsus$#latvia #law-enforcement #layerx #lazarus #ldap #leak #leak-sites #legal #linux #linux-kernel #living-off-the-land #llm #llm-enabled-malware #llm-security #llmnr #loader #lockbit #logistics #lotl #lua #lwe #lynx #machine-learning-security #magento #malaysia #malterminal #malvertising #malware #mandiant #manufacturing #maritime-security #mass-assignment #mass-attack #mayberobot #mcp #mdr #mena #mermaid #meta #mfa-bypass #mfa-enforcement #mfa-fatigue #microsoft #microsoft-365 #mining #mirai #mit-sloan #mitre #mitre-attck #mobile #mobile-security #mod #money-laundering #motex #moxa #mricq #mricq-extradition #multisig #municipal #nation-state #nation-state-actors #nbtns #ncsc #ndss #net_capi_backdoor #netscaler #netsupport #network-infrastructure #network-security #new-york #news #newsletter #nexperia #nist #nist-800-171 #nizk #norobot #npm #nsa #nsa-best-practices #nso #nso_group #ntlm #nvd #oauth #obfuscation #obscura #odp #open-source #open-source-security #openai #openvsx #operation-dream-job #operational-technology #operations #oracle #osint #ot #ot-security #outage #package-registry #paloalto #paloaltonetworks #pam #partnership #passkeys #password-manager #password-reuse #password-spray #patch #patch-tuesday #patching #payments #pdf #pentest #pentesting #persistence #phantomraven #phantomvai #phishing #phoenix-backdoor #php #pii #pixel #pixel-kernel #platform-security #plugin #plugx #podcast #policy #post-quantum #powershell #pqc #preparedness #privacy #privilege-escalation #project-zero #prompt-injection #promptlock #prosper #protobuf #proxy #pwn2own #qilin #qr #qualys #quantum #raas #radare2 #ransomware #rasman #rat #rce #rclone #rdd #rdp #reconnaissance #red-team #redis #remote-access-trojan #research #resecurity #resilience #responder #retail #rhysida #risk #risk-communication #risk-management #rootkit #routers #russia #rust #saas #safe-security #safepay #salesforce #sandworm #sans #sas #sbom #scada #scam-protection #scattered_spider #security-affairs #security-key #security-research-quality #security-tools #security-ui #semiconductors #sentinellabs #sentinelone #seqrite_labs #service-mesh #session-hijacking #sessionreaper #shadow-ai #shadow-it #side-channel #siem #signed-artifacts #sim_boxes #simcartel #slackware #sleepyduck #slopsquatting #smart-contracts #smishing #snp #soc #social-engineering #softether #software-supply-chain #sonatype #sonicwall #sophos #spoofing #spyware #squid #ssa-2025-291-01 #sso #ssrf #standards #stealer-logs #steganography #storage #stormcast #stunnel #supply-chain #supply-chain-attack #survey #symlink #ta505 #tata-motors #taxonomy #tcns #telecommunications #telegram #tenable #tencent_cloud #the-com #the_com #third-party #threat #threat-intel #threat-intelligence #threat-research #threat-trends #tiktok #tokenization #tomcat #tp-link #training #treaty #trojan #trufflenet #typosquatting #ubuntu #uk #ukraine #un #unit42 #university-of-pennsylvania #unpatched #us #us-east-1 #us_federal_officials #usn #usn-7833-2 #usn-7835-4 #v18 #veradigm #virtualization #virustotal #vishing #vmware #voice #vpn #vs-code-extension #vscode #vulnerability #vulnerability-detection #vulnerability-exploitation #vulnerability-management #vulnerability-scanning #vulnerability_management #watchguard #water-sector #web-shell #web-skimming #web3 #webshell #weekly #whatsapp #wifi #windows #windows-gdi #winos_40 #wireless-security #wordpress #workstation #wp-freeio #wso2 #wsus #xortec #xxe #youtube #zdi #zero-day #zero-trust #zeroday #zeus-banking-trojan #zip

Related Tags

University of Pennsylvania Breach - 1.2M Donor Records Exposed

Explore More Tags