Svoboda Cybersecurity Brief November 03, 2025

University of Pennsylvania Confirms Data Breach After Initial Denial

A hacker breached the University of Pennsylvania’s systems, stealing 1.2 million donor and alumni records, including sensitive data like estimated net worth, donation history, and demographic details. The attacker used a compromised employee SSO account to access Salesforce, Qlik, SAP, and SharePoint, then sent offensive emails via Salesforce Marketing Cloud.
Impact: Exposure of highly sensitive donor data, increasing phishing and social engineering risks.
Mitigation: Rotate compromised credentials, monitor for data misuse, and enhance SSO security.
Source: BleepingComputer

Open VSX Tokens Leaked, Used in Supply-Chain Malware Attack

Open VSX, an open-source VS Code extension registry, rotated access tokens after developers accidentally leaked them, enabling threat actors to upload malicious extensions. The attackers deployed GlassWorm malware, which stole developer credentials and targeted cryptocurrency wallets.
Impact: Supply-chain compromise risking credential theft and further breaches.
Mitigation: Shorten token lifetimes, automate extension scans, and improve credential revocation.
Source: BleepingComputer

North Salem School District Fails to Secure Student Data Years After Audit

Two years after an audit flagged weak IT controls, North Salem Central School District still hasn’t fully addressed vulnerabilities, leaving student data at risk. Unmanaged network accounts could allow unauthorized access to sensitive records.
Impact: Ongoing exposure of student PII and potential unauthorized access.
Mitigation: Implement audit recommendations, enforce strict access controls, and monitor account activity.
Source: DataBreaches.net

Alleged Jabber Zeus Developer Extradited to U.S.

Yuriy Rybtsov (“MrICQ”), a key developer for the Jabber Zeus banking trojan group, was extradited from Italy to the U.S. The group stole millions via man-in-the-browser attacks and payroll fraud, leveraging custom malware to bypass 2FA.
Source: KrebsOnSecurity

UPenn Investigates Vulgar Email Incident, Denies Hack Initially

The University of Pennsylvania dismissed offensive emails sent to campus as “fraudulent,” but later investigations revealed a broader breach. Emails were sent from compromised @upenn.edu accounts, though the university initially claimed no hack occurred.
Source: DataBreaches.net
