Hasbro disclosed unauthorized access to its systems, an intrusion first detected on 28 March that has since forced the company to take parts of its infrastructure offline and warn that product deliveries could be delayed for weeks.
Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
I looked at the config and noticed the customer did not have a default route set. He wasn't sure if that was the problem, so he made some changes he thought might be useful. The router Caleb worked on then rebooted, which he expected. But when it restarted, its previous configuration was gone.
The attack illustrates the extent to which Big Tech relies on open-source software. Without the many contributions of open-source developers, Apple, Amazon, Google, Microsoft, and everyone else would need to invest vast sums in building more of the infrastructure of our digital world.
Never feel that you are totally safe. In July 2025, one company learned the hard way after an AI coding assistant it dearly trusted from Replit ended up breaching a "code freeze" and implemented a command that ended up deleting its entire product database. This was a huge blow to the staff. It effectively meant that months of extremely hard work, comprising 1,200 executive records and 1,196 company records, ended up going away.
This phishing attack enabled the threat actor to access 'certain internal IT business applications.' The malicious actor gained unauthorized entry by compromising an employee's access to the organization's internal network for business administration.
