Security Affairs newsletter Round 382

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Google rolled out emergency fixes to address actively exploited Chrome zero-day
Samsung discloses a second data breach this year
The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals
Another Ransomware For Linux Likely In Development
Experts link Raspberry Robin Malware to Evil Corp cybercrime gang
Google Chrome issue allows overwriting the clipboard content
Attack infrastructure used in Cisco hack linked to Evil Corp affiliate
Researchers analyzed a new JavaScript skimmer used by Magecart threat actors
Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials
FBI is helping Montenegro in investigating the ongoing cyberattack
Apple released patches for recently disclosed WebKit zero-day in older iPhones and iPads
A flaw in TikTok Android app could have allowed the hijacking of users’ accounts
Threat actors breached the network of the Italian oil company ENI
GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image
Experts spotted five malicious Google Chrome extensions used by 1.4M users
China-linked APT40 used ScanBox Framework in a long-running espionage campaign
Russian streaming platform Start discloses a data breach impacting 7.5M users
A new Google bug bounty program now covers Open Source projects
Three campaigns delivering multiple malware, including ModernLoader and XMRig miner
A study on malicious plugins in WordPress Marketplaces
World’s largest distributors of books Baker & Taylor hit by ransomware
Crooks are increasingly targeting DeFi platforms to steal cryptocurrency
US FTC sued US data broker Kochava for selling sensitive and geolocation data
Twilio breach let attackers access Authy two-factor accounts of 93 users
Nitrokod crypto miner infected systems across 11 countries since 2019
CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog
Scammers used a deepfake AI hologram of Binance executive to scam crypto projects
COVID-19 data put for sale on Dark Web
Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit
Experts warn of the first known phishing attack against PyPI
New Agenda Ransomware appears in the threat landscape

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 382 appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source