passwords stolen thanks to a BMC chip with a fairly serious Universal Plug-n-Play feature. According to security researcher Zachary Wikholm, there is s a flaw in the IPMI BIOS on the WPCM450 BMC (Baseboard Management Controller) that Supermicro uses on their boards (with the exception of very newest ones).