logo

UK school’s network left wide open for invasion, student found

ID: a786b20b-339a-58b8-b082-571dd3ec345d

STIX ID: report--a786b20b-339a-58b8-b082-571dd3ec345d

Feed Name: The Register (Security)

Threat Score
50/100

Date Published: 2026-06-25

Date Updated: 2026-06-25

...
...

A UK sixth-form student discovered a misconfigured Active Directory where administrator passwords were stored in description fields and no admin authentication was required, enabling view and remote-control of servers, access to Google Workspace mailboxes, firewall settings and classroom management tools; the student did not exploit the access but the exposure represents a serious local security misconfiguration.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.