Security Affairs newsletter Round 302

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

PayPal addresses reflected XSS bug in user wallet currency converter
The kingpin behind Jokers Stash retires with a billionaire exit
France agency ANSSI links Russias Sandworm APT to attacks on hosting providers
French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine
The malicious code in SolarWinds attack was the work of 1,000+ developers
VMware fixes command injection issue in vSphere Replication
A new Bluetooth overlay skimmer block chip-based transactions
Hackers abusing the Ngrok platform phishing attacks
Popular SHAREit app is affected by severe flaws yet to be fixed
Telegram flaw could have allowed access to users secret chats
Centreon says that recently disclosed campaigns only targeted obsolete versions of its open-source software
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware
ScamClub malvertising gang abused WebKit zero-day to redirect to online gift card scams
US DoJ charges three members of the North Korea-linked Lazarus APT group
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA
SolarWinds hackers had access to components used by Azure, Intune, and Exchange
The OpenSSL Project addressed three vulnerabilities
WatchDog botnet targets Windows and Linux servers in cryptomining campaign
Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning
Hackers steal credit card data abusing Googles Apps Script
New Masslogger Trojan variant exfiltrates user credentials
Privacy bug in the Brave browser exposes Tor addresses to users DNS provider
Sequoia Capital Venture Capital firm discloses a data breach
Silver Sparrow, a new malware infects Mac systems using Apple M1 chip
SonicWall releases second firmware updates for SMA 100 vulnerability

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 302 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source