Security Affairs newsletter Round 382
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
| Google rolled out emergency fixes to address actively exploited Chrome zero-day |
| Samsung discloses a second data breach this year |
| The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals |
| Another Ransomware For Linux Likely In Development |
| Experts link Raspberry Robin Malware to Evil Corp cybercrime gang |
| Google Chrome issue allows overwriting the clipboard content |
| Attack infrastructure used in Cisco hack linked to Evil Corp affiliate |
| Researchers analyzed a new JavaScript skimmer used by Magecart threat actors |
| Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal |
| 1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials FBI is helping Montenegro in investigating the ongoing cyberattack |
| Apple released patches for recently disclosed WebKit zero-day in older iPhones and iPads |
| A flaw in TikTok Android app could have allowed the hijacking of users’ accounts |
| Threat actors breached the network of the Italian oil company ENI |
| GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image |
| Experts spotted five malicious Google Chrome extensions used by 1.4M users |
| China-linked APT40 used ScanBox Framework in a long-running espionage campaign |
| Russian streaming platform Start discloses a data breach impacting 7.5M users |
| A new Google bug bounty program now covers Open Source projects |
| Three campaigns delivering multiple malware, including ModernLoader and XMRig miner A study on malicious plugins in WordPress Marketplaces |
| World’s largest distributors of books Baker & Taylor hit by ransomware |
| Crooks are increasingly targeting DeFi platforms to steal cryptocurrency |
| US FTC sued US data broker Kochava for selling sensitive and geolocation data |
| Twilio breach let attackers access Authy two-factor accounts of 93 users |
| Nitrokod crypto miner infected systems across 11 countries since 2019 |
| CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog |
| Scammers used a deepfake AI hologram of Binance executive to scam crypto projects |
| COVID-19 data put for sale on Dark Web |
| Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit Experts warn of the first known phishing attack against PyPI |
| New Agenda Ransomware appears in the threat landscape |
Follow me on Twitter: @securityaffairs and Facebook
|
|
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 382 appeared first on Security Affairs.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
