InfoSecBulletin Cybersecurity for mankind
Microsoft’s AI research division accidentally leaked large amounts of sensitive data. This happened when they were contributing open-source AI learning models to a public GitHub repository.
Cloud security firm Wiz recently discovered that a Microsoft employee mistakenly shared a URL. This URL led to a misconfigured Azure Blob storage bucket that contained leaked information.
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
The Wiz Research Team has made a remarkable discovery that, in addition to the open-source models, the internal storage account unintentionally granted access to an astounding 38TB of additional and private data.
The exposed data included backups of personal information belonging to Microsoft employees. This included passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages from 359 Microsoft employees.
Microsoft issued an advisory on Monday stating that “no customer data was exposed and no other internal services were at risk during the incident”.
Wiz reported the incident to MSRC on June 22, 2023. They revoked the SAS token to prevent external access to the Azure storage account. The issue was resolved on June 24, 2023.
Source:
Bleeping computer
Times of India
TechCrunch
