Security Affairs newsletter Round 295

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

HackerOne announces first bug hunter to earn more than $2M in bug bounties

SolarWinds releases updated advisory for SUPERNOVA backdoor

Vermont Hospital confirmed the ransomware attack

E-commerce app 21 Buttons exposes millions of users data

Finland confirms that hackers breached MPs emails accounts

Multi-platform card skimmer targets Shopify, BigCommerce, Zencart, and Woocommerce stores

Nefilim ransomware operators leak data stolen from Whirlpool

Threat actor is selling a dump allegedly including 2,5M customers of service provider Ho Mobile

CISA releases a PowerShell-based tool to detect malicious activity in Azure, Microsoft 365

Japanese Kawasaki Heavy Industries discloses security breach

SolarWinds hackers aimed at access to victims cloud assets

CISA demands US govt agencies to update SolarWinds Orion software

Google Docs bug could have allowed hackers to hijack screenshots

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

US Treasury warns of ransomware attacks on COVID-19 vaccine research

Emotet campaign hits Lithuanias National Public Health Center and several state institutions

New Golang-based Crypto worm infects Windows and Linux servers

SolarWinds hackers gained access to Microsoft source code

Threat actor is selling 368.8 million records from 26 data breaches

Alleged docs relating to Covid-19 vaccine leaked in darkweb

Expert found a secret backdoor in Zyxel firewall and VPN

Facebook ads used to steal 615000+ credentials in a phishing campaign

Today Adobe Flash Player reached the end of life (EOL)

AutoHotkey-Based credential stealer targets bank in the US and Canada

FBI warns swatting attacks on owners of smart devices

Ticketmaster will pay $10 Million fine over hacking a competitor