The LastPass breach was indeed linked to a vulnerability in Plex Media Server. Attackers exploited an unpatched version of Plex on a LastPass DevOps engineer’s personal computer, enabling them to install keylogger malware. This allowed them to capture the engineer’s master password after multi-factor authentication, granting access to sensitive corporate vaults.
Notably, the Plex vulnerability had been patched in May 2020—approximately 75 versions prior to the breach. The compromise occurred because the engineer hadn’t updated their Plex software. While the flaw was in Plex, the breach underscores the critical importance of timely software updates and robust security practices.
https://www.wired.com/story/lastpass-engineer-breach-securit...
In short: other posters want to hear from you, not from an AI. AI written posts aren't actually valuable (we can all dump stuff into the AI just fine). If you don't have much to say, it's fine to just share a link to the source you found.
Just link the article if you have nothing more to say. If you absolutely insist on posting AI-generated stuff be extremely clear that it is AI-generated instead of hiding that it has been ghostwritten by a LLM.
The LastPass breach was indeed linked to a vulnerability in Plex Media Server. Attackers exploited an unpatched version of Plex on a LastPass DevOps engineer’s personal computer, enabling them to install keylogger malware. This allowed them to capture the engineer’s master password after multi-factor authentication, granting access to sensitive corporate vaults.
Notably, the Plex vulnerability had been patched in May 2020—approximately 75 versions prior to the breach. The compromise occurred because the engineer hadn’t updated their Plex software. While the flaw was in Plex, the breach underscores the critical importance of timely software updates and robust security practices. https://www.wired.com/story/lastpass-engineer-breach-securit...
Please don't post AI replies.
it's a factual thing I learned after following the comment threads and asking the AI about it, it does link to the source article.
Why is this bad?
I will, im just wondering, would only the link to the source article been better/acceptable here?
I dont' get the hate for AI replies if they're on topic and generated by a human tbh, but ill respect it since its not first time seeing this i guess
> Why is this bad?
In short: other posters want to hear from you, not from an AI. AI written posts aren't actually valuable (we can all dump stuff into the AI just fine). If you don't have much to say, it's fine to just share a link to the source you found.
Just link the article if you have nothing more to say. If you absolutely insist on posting AI-generated stuff be extremely clear that it is AI-generated instead of hiding that it has been ghostwritten by a LLM.
makes sense thanks for the feedback