- Security News:
- Hackers compromise 3CX desktop app in a supply chain attack [Sergiu Gatlan, Bleeping Computer]
- DBatLoader Sweeps European Countries With Multiple Malware Payloads [Cyware, Cyware]
- AlienFox source code toolset harvests credentials from 18 cloud services [Steve Zurier, SC Magazine]
- Clipboard-Injector Attacks Target Cryptocurrency Users [Alessandro Mascellino, Info-security Magazine]
- Beware of new MacStealer Malware that can steal your iCloud keychain data and passwords [Kurt Knutsson, Fox news]
- Breaches & Leaks:
- NHS condemned for outing HIV service users in ‘distressing’ data breach: ‘Simply no excuse’ [Sophie Perry, Pink News]
- Latitude Financial data breach now impacts 14 million customers [Bill Toulas, Bleeping Computer]
- Procter & Gamble confirm breach [Vilius Petkauskas, Cybernews]
- DarkBit puts data from Israel’s Technion university on sale [Apurva Venkat, CSO Online]
- Toyota Italy accidentally leaked sensitive data [Pierluigi Paganini, Security Affairs]
- ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation [Eduard Kovacs, Security Week]
- Vulnerabilities & Patches:
- Researchers Detail Severe “Super FabriXss” Vulnerability in Microsoft Azure SFX [Ravie Lakshmanan, The Hacker News]
- Google: Spyware vendors exploiting iOS, Android zero days [Arielle Waldman, TechTarget]
- You Need to Update Apple’s iOS 16.4 for More Than the Goose Emoji [Kate O’Flaherty, Wired]
- Microsoft Patches ‘Dangerous’ RCE Flaw in Azure Cloud Service [Elizabeth Montalbano, Dark Reading]
- Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks [Eduard Kovacs, Security Week]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F