Abaphuhlisi beprojekthi yeMidnightBSD, ephuhlisa inkqubo yokusebenza esekwe kwi-desktop esekwe kwi-FreeBSD enezinto ezifakwe kwi-DragonFly BSD, i-OpenBSD kunye ne-NetBSD, balumkise abasebenzisi malunga nokuchonga umkhondo wokuqhekezwa kwenye yeeseva. I-hack yazibophelela ngokusetyenziswa kwe-CVE-2021-26084 sengozini efunyenwe ekupheleni kuka-Agasti kwi-injini yentsebenziswano yobunini Confluence (i-Atlassian inike ithuba lokusebenzisa le mveliso simahla kwiiprojekthi ezingezizo ezorhwebo kunye nemithombo evulelekileyo).
Umncedisi uphinde waqhuba i-DBMS yeprojekthi kwaye yabamba indawo yokugcina ifayile, eyayisetyenziswa, phakathi kwezinye izinto, ukugcinwa okuphakathi kweenguqulelo ezintsha zeepakethe ngaphambi kokupapasha kwi-server ye-FTP ephambili. Ngokutsho kwedatha yokuqala, indawo yokugcina iphakheji ephambili kunye nemifanekiso ye-iso ekhoyo yokukhuphela ayiphazamiseki.
Kuyabonakala ukuba, uhlaselo lwalungajoliswanga kwaye iprojekthi yeMidnightBSD yaba lelinye lamaxhoba okuqhekezwa okukhulu kweeseva ezineenguqulelo ezisesichengeni zeConfluence, emva kohlaselo, i-malware ejolise kwi-cryptocurrency yezemigodi yafakwa. Okwangoku, isoftware yeseva egqekeziweyo ibuyiselwe kwasekuqaleni kwaye i-90% yeenkonzo eziye zacinywa emva kokuba i-hack ibuyiselwe kwinkonzo. Kuye kwagqitywa ukuba kuhlehliswe ukukhutshwa okuzayo kweMidnightBSD 2.1.
umthombo: opennet.ru