Post AvaMZ9UGnmmtUprdOC by hrbrmstr@mastodon.social
 (DIR) More posts by hrbrmstr@mastodon.social
 (DIR) Post #AvaMZ9UGnmmtUprdOC by hrbrmstr@mastodon.social
       2025-06-28T09:37:13Z
       
       1 likes, 0 repeats
       
       O_O Synology's middleware service was inadvertently exposing a master credential during every setup process, and this credential belonged to Synology's global app registration, giving attackers broad read-only access to organizational data including Teams messages, group information, and Microsoft 365 content. https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/