Polyverse Weekly Breach Report – Apr 20th 2020

Apr 20, 2020, by Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Healthcare facilities

Hackers are targeting healthcare facilities with ransomware during the coronavirus pandemic. The latest victims, both in Canada, are a government-owned healthcare organization and a medical-research university. To read more:



This online marketplace for trading stickers, toys and other collectibles suffered a data breach in 2019 that impacted 4m users. To read more:



Hackers are selling critical zero-day vulnerabilities for the video-conferencing app Zoom. The vulnerabilities are present on both Windows and macOS clients. To read more:


Chrome extensions

Google removed 49 Chrome browser extensions from its web store that pretended to be cryptocurrency wallets, but instead contained malicious code used to empty victims’ digital currencies. To read more:



Microsoft released security updates to patch four zero-day vulnerabilities that hackers are already actively exploiting. To read more:


Saint Francis Ministries

A data breach at Saint Francis Ministries was caused by a hacker accessing an employee’s email account. The hacker stole personal information as well as financial and health data. To read more:


North Korean hackers 

The FBI and the US Departments of State, Treasury and Homeland Security announced a $5m reward for information on hackers raising funds for the Pyongyang regime. To read more:



The Pentagon is seeing a major increase in cyberattacks as pandemic-related restrictions mean most security-cleared employees are working from more-vulnerable remote computers. To read more:



Researchers discovered over 700 malicious packages written in Ruby being distributed through the RubyGems repository. This campaign uses typosquatting techniques where attackers upload intentionally misspelled packages. To read more:


Pulse Secure VPN

The US Cybersecurity and Infrastructure Security Agency warned organizations of a remote code-execution vulnerability in Pulse Secure VPN servers. To read more:


FBI Foreign Hackers

The FBI has seen evidence of foreign state-sponsored hackers breaking into US COVID-19 research institutions. To read more:


U.S. Hospitals

Hackers have deployed ransomware against the systems of US hospitals and government entities using Active Directory credentials stolen months after exploiting a known pre-auth remote code-execution vulnerability in their Pulse Secure VPN servers. To read more:



Credentials of 20m users of an Android app store known as Aptoide have been published online by a hacker who claims to have an additional 19m stolen user records. To read more:


Mediterranean Shipping Company

This container-shipping company reported a network outage issue impacting Malware may have forced the closure of one of the company’s data centers, but investigation into the cause of the outage is ongoing. To read more:


Energias de Portugal

A Portuguese energy firm suffered a ransomware attack that stole more than 10TB of sensitive files. The hackers threatened to leak the data unless the firm paid $11m in ransom. To read more:



Wappalyzer, a technology data firm, disclosed a security breach after a hacker began emailing customers and offering to sell the company’s database for $2,000. To read more:



The IT-services company Cognizant suffered a Maze ransomware attack. To read more:


