A critical SSRF vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims, risking severe security breaches across services like Power Apps and Automate. Microsoft patched the flaw (CVE-2024-49070) in December 2024, emphasizing the need for organizations to implement updates, limit user permissions, and monitor suspicious activity.
Columbia University Irving Medical Center pays $600K in data breach lawsuit settlement
In May 2024, DataBreaches logged an incident on our worksheets that involved the Columbia University Irving Medical Center in New York. The incident had been
