flaw

“Alleged Hacking Incident Leaves AnyCubic 3D Printer Owners Vulnerable to Security Breach, According to Reports by Users”

Anycubic Hacked Machine
Anycubic users say their 3D printers were hacked to warn of a security flawAnycubic customers are reporting that their 3D printers have been hacked and now display a message warning of an alleged security flaw in the company’s systems. Feel free to disconnect your printer from the internet if you don’t wanna get hacked by a bad actor! You have not been harmed in any way.”The text file described an unspecified vulnerability in Anycubic’s MQTT service, which allegedly allows the ability to “connect and control” customer 3D printers that are connected to the internet. The person who authored the text file claimed they sent the message to 2.9 million Anycubic 3D printers. “Disconnect your printer from the internet until anycubic patches this issue,” the text file reads.

** Warning: High-Risk Exploit of ConnectWise Vulnerability Poses Harm, Researchers Claim

Connectwise Flaw Huntress Security
Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit “I can’t sugarcoat it — this shit is bad," said Huntress' CEOSecurity experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw. The maximum severity-rated vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that allows managed IT providers and technicians to provide real-time remote technical support on customer systems. Cybersecurity company Huntress on Wednesday published an analysis of the actively exploited ConnectWise vulnerability. ConnectWise also released a fix for a separate vulnerability affecting its remote desktop software. The U.S. agencies also observed hackers abusing remote access software from AnyDesk, which was earlier this month forced to reset passwords and revoke certificates after finding evidence of compromised production systems.