A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.
If you want to also receive for free the newsletter with the international press subscribe here.
Google rolled out emergency fixes to address actively exploited Chrome zero-daySamsung discloses a second data breach this yearThe Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminalsAnother Ransomware For Linux Likely In DevelopmentExperts link Raspberry Robin Malware to Evil Corp cybercrime gangGoogle Chrome issue allows overwriting the clipboard contentAttack infrastructure used in Cisco hack linked to Evil Corp affiliateResearchers analyzed a new JavaScript skimmer used by Magecart threat actorsRagnar Locker ransomware gang claims to have stolen data from TAP Air Portugal1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials
FBI is helping Montenegro in investigating the ongoing cyberattackApple released patches for recently disclosed WebKit zero-day in older iPhones and iPadsA flaw in TikTok Android app could have allowed the hijacking of users’ accountsThreat actors breached the network of the Italian oil company ENIGO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope imageExperts spotted five malicious Google Chrome extensions used by 1.4M usersChina-linked APT40 used ScanBox Framework in a long-running espionage campaignRussian streaming platform Start discloses a data breach impacting 7.5M usersA new Google bug bounty program now covers Open Source projectsThree campaigns delivering multiple malware, including ModernLoader and XMRig miner
A study on malicious plugins in WordPress MarketplacesWorld’s largest distributors of books Baker & Taylor hit by ransomwareCrooks are increasingly targeting DeFi platforms to steal cryptocurrencyUS FTC sued US data broker Kochava for selling sensitive and geolocation dataTwilio breach let attackers access Authy two-factor accounts of 93 usersNitrokod crypto miner infected systems across 11 countries since 2019CISA adds 10 new flaws to its Known Exploited Vulnerabilities CatalogScammers used a deepfake AI hologram of Binance executive to scam crypto projectsCOVID-19 data put for sale on Dark WebSurveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit
Experts warn of the first known phishing attack against PyPINew Agenda Ransomware appears in the threat landscape
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, newsletter)
The post Security Affairs newsletter Round 382 appeared first on Security Affairs.
Leer másSecurity Affairs
