Infosec bits for 2024 week 22

Kgwadi Matenche | May 31, 2024, 2:35 p.m.

Cybersecurity News:

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered [Waqas, Hackread]

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw [Newsroom, The Hacker News]

4 Arrested as Operation Endgame Disrupts Ransomware Botnets [Waqas, Hackread]

Cybercriminals pose as "helpful" Stack Overflow users to push malware [Lawrence Abrams, Bleeping Computer]

Vulnerabilities & Patches:

Check Point releases emergency fix for VPN zero-day exploited in attacks [Bill Toulas, Bleeping Computer]

XSS Vulnerabilities Found in WordPress Plugin Slider Revolution [Alessandro Mascellino, Infosecurity Magazine]

Google fixes eighth actively exploited Chrome zero-day this year [Bill Toulas, Bleeping Computer]

Breaches & Leaks:

Hackers Claim Ticketmaster Data Breach: 560M Users’ Info for Sale at $500K [Waqas, Hackread]

BBC Pension Scheme Breached, Exposing Employee Data [James Coker, Infosecurity Magazine]

Ransomware attack on Seattle Public Library knocks out online systems [Jonathan Greig, Recorded Future News]

Others:

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors [Ionut Arghire, SecurityWeek]

Botnet down and administrator arrested in 911 S5 case, FBI says [James Reddick, Recorded Future News]

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access [Dark Reading Staff, Dark Reading]