McGraw Hill Data Breach Hits Millions, Maine Enacts Data Center Ban

McGraw Hill Data Breach Impacts Thirteen Point Five Million Accounts

• Edtech company McGraw Hill suffered data breach affecting thirteen point five million accounts.
• Incident linked to Salesforce misconfiguration exploited by ShinyHunters group.
• Exposed information reportedly included personal and educational records.

UNITED STATES, Apr 16 (TNGB) – McGraw Hill Education disclosed a significant security incident that compromised records belonging to thirteen point five million user accounts. Investigators traced the breach to a misconfigured Salesforce instance that allowed unauthorized access by the hacking collective known as ShinyHunters. The exposed data reportedly contained names, email addresses, and other educational details stored within the platform.

Organizations must treat third party cloud configurations with the same scrutiny applied to their own internal systems.

Why This Matters: It underscores the persistent risks of misconfigured third-party cloud services used by major education providers.

UK Government Consults On New Digital ID Scheme Amid Liberty Concerns

• UK government public consultation on digital identity scheme opened March 10.
• Scheme would centralize personal verification across public and private services.
• Civil liberties groups warn of risks to privacy and individual freedoms.

LONDON, Apr 16 (TNGB) – British officials opened a formal consultation period on March 10 for plans for a nationwide digital identity framework designed to streamline access to government and commercial services. The proposal envisions a single verified credential that citizens could use for banking, travel, and benefit claims. The consultation closes May 5 with advocacy organizations expressing reservations about the potential for function creep and mass surveillance.

Careful oversight during the consultation phase will determine whether convenience outweighs the erosion of traditional anonymity.

Why This Matters: The ongoing consultation could shape the future of digital identity systems and their impact on civil liberties in the United Kingdom.

Microsoft Defender RedSun Zero Day PoC Grants Full System Privileges

• Security researchers published proof of concept for Defender RedSun zero day.
• Exploit reportedly grants SYSTEM level privileges on affected Windows machines.
• Vulnerability resides in Microsoft’s built in antivirus and endpoint protection.

REDMOND, Apr 16 (TNGB) – Independent researchers released a working proof of concept that exploits a previously undisclosed flaw in Microsoft Defender. The RedSun vulnerability allows attackers to escalate privileges to the highest SYSTEM level on targeted Windows installations. Microsoft has acknowledged the issue and is preparing patches while urging immediate updates where possible.

The disclosure serves as a reminder that even core security tools require constant independent scrutiny.

Why This Matters: It highlights vulnerabilities in Microsoft’s flagship endpoint protection that could be exploited before patches arrive.

Hackers Use Marimo Flaw To Deploy NKAbuse Malware Via Hugging Face

• Attackers exploited vulnerability in open source Marimo tool.
• Malware known as NKAbuse deployed through Hugging Face model repository.
• Campaign reportedly targets users downloading compromised notebooks.

GLOBAL, Apr 16 (TNGB) – Threat actors leveraged a security flaw in the popular Marimo data notebook framework to distribute NKAbuse malware. The malicious payloads were hosted on the Hugging Face platform inside seemingly legitimate machine learning models. Once executed the malware established persistence and communicated with command servers linked to North Korean infrastructure.

This incident illustrates the supply chain dangers inherent in open source artificial intelligence repositories.

Why This Matters: It reveals how popular AI model repositories can become vectors for state-linked malware distribution.

New ATHR Vishing Platform Leverages AI Voice Agents For Attacks

• Emerging vishing platform employs artificial intelligence generated voice calls.
• Automated agents conduct sophisticated social engineering conversations.
• Targets receive realistic phone calls requesting sensitive information or payments.

GLOBAL, Apr 16 (TNGB) – Cybersecurity firms identified a new voice phishing service that relies on advanced artificial intelligence to generate natural sounding conversations. The ATHR platform automates entire call campaigns that impersonate banks, government agencies, or technical support staff. Victims face pressure to reveal credentials or transfer funds during the realistic interactions.

The rise of AI driven voice attacks demands heightened skepticism toward unsolicited phone contact.

Why This Matters: AI voice technology is making large-scale social engineering attacks faster, cheaper, and harder to detect.

Maine Passes Ban On Power Hungry Data Centers Amid Local Opposition

• Maine legislature passed bill for eighteen month moratorium on large data centers.
• Facilities exceeding twenty megawatts now prohibited pending governor signature.
• Residents cited noise, power consumption, and environmental strain as primary concerns.

MAINE, Apr 16 (TNGB) – State lawmakers passed legislation imposing an eighteen month moratorium on new data centers larger than twenty megawatts. The bill awaits the governor’s signature. Local communities had grown vocal about the noise pollution, massive electricity demands, and water usage associated with these facilities. Officials hope the pause will allow time to study long term impacts before further approvals.

The decision reflects a broader national pushback against unchecked expansion of artificial intelligence infrastructure.

Why This Matters: It signals growing local resistance to the massive energy demands of AI data centers across the United States.

Developer Tool Pulls Malicious Open Source Library Version Automatically

• Company developer tool fetched compromised version of popular open source library.
• Malicious code reportedly introduced through upstream repository compromise.
• Affected organization insists no impact occurred to core systems or software.

UNITED STATES, Apr 16 (TNGB) – A prominent technology firm discovered that an internal developer tool had automatically downloaded a tampered version of a widely used open source library. The malicious package contained backdoor code inserted by unknown actors into the public repository. Company security teams conducted a full investigation and stated that internal safeguards prevented any compromise of production environments.

This event reinforces the need for strict version pinning and integrity checks in modern software supply chains.

Why This Matters: It demonstrates the real-world dangers of automated dependency updates in open source software ecosystems.

Chinese Chip Fabs Import Record US Equipment Through Southeast Asia

• Chinese semiconductor plants imported record volumes of US chipmaking tools.
• Imports routed through Singapore and Malaysia to avoid direct restrictions.
• Domestic Chinese tool makers achieved record revenues despite price competition.

BEIJING, Apr 16 (TNGB) – Data shows Chinese wafer fabrication facilities brought in unprecedented quantities of advanced American semiconductor manufacturing equipment during the past year. Shipments were rerouted via intermediaries in Singapore and Malaysia to comply with export controls. Meanwhile local Chinese equipment suppliers reported record 2025 sales figures even as intense competition compressed profit margins.

The pattern reveals how global supply chains adapt creatively to ongoing technology export barriers.

Why This Matters: It illustrates the effectiveness and limitations of US export controls on advanced chipmaking technology.

European Commission Pushes Google To Share Search Data With Rivals

• European Commission proposed requirement for Google to share search data.
• Move aims to increase competition in online search and advertising markets.
• Regulators seek to level playing field for smaller European tech firms.

BRUSSELS, Apr 16 (TNGB) – The European Commission has formally requested that Google provide competitors with access to anonymized search query data and related advertising metrics. Officials argue the step is necessary to foster genuine competition in digital search services dominated by the American giant. Google maintains that such sharing could harm user privacy and innovation incentives.

The proposal continues Europe’s aggressive regulatory approach to large technology platforms.

Why This Matters: It could force major changes in how search data is shared and reshape competition in European digital markets.

Cisco Warns Of Critical Webex Services Vulnerability Needing Urgent Fix

• Cisco issued advisory March 4 for medium severity XSS flaw in Webex.
• Issue fixed in cloud infrastructure with no customer action required.
• Advisory emphasized flaw in backend services.

CALIFORNIA, Apr 16 (TNGB) – Cisco issued an advisory on March 4 detailing a medium severity cross-site scripting vulnerability affecting its Webex collaboration platform. The issue was already resolved in the cloud infrastructure with no customer action needed. The company emphasized that the flaw resided in backend services rather than end user client software.

Timely awareness of past advisories remains essential for organizations relying on Webex for daily communications.

Why This Matters: Cloud-fixed Webex flaws demonstrate how vendor-side remediation can limit customer exposure when properly disclosed.