Infosec bits for 2024 week 26

Sicelo Ncekana | June 30, 2024, 1:06 a.m.

Cybersecurity News:

Temu app considered malicious malware in new US lawsuit [Updated] (bizcommunity.com) [Lindsey Schutters, Bizz Community]

Fake software fixes fuel money-stealing malware threat | Fox News [Kurt Knutsson, Fox News]

Ransomware disrupts South Africa’s national health lab [SC Media, SC Media]

Vulnerabilities & Patches:

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others [Newsroom, The Hacker News]

Skybox Security Report Reveals Key Vulnerability Trends Over Past Year [Anuj Mudaliar, Spiceworks]

Massive authentication vulnerability risks compromising much of the internet [Matt Binder, MSN]

Malware:

Snowblind malware abuses Android security feature to bypass security [Bill Toulas, Bleeping Computer]

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads [Newsroom, The Hacker News]

Poseidon malware menaces Mac users via GoogleAds [Shaun Nichols, SC Media]

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations [Newsroom, The Hacker News]

New Medusa malware variants target Android users in seven countries [Bill Toulas, Bleeping Computer]

Breaches & Leaks:

Hacker Claims Indonesia Civil Aviation Data Breach (thecyberexpress.com) [Krishna Murthy, The Cyber xpress]

TeamViewer's corporate network was breached in alleged APT hack (bleepingcomputer.com) [Lawrence Abrams, Bleeping Computer]

Massive data breach exposes over 3 million Americans' personal information to cybercriminals | Fox News [Kurt Knutsson, Fox News]

Levi’s Data Breach: 72,000+ Customers’ Data Exposed [Dhivya, Cyber Security News]