Polyverse Weekly Breach Report – Feb. 24th 2020

Feb 24, 2020 By Shaina Raskin


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Fox Kitten

Researchers discovered a cyber-espionage campaign directed at the IT, telecommunications, oil and gas, aviation and government sectors. The Iranian state-sponsored hackers are exploiting VPN flaws in an attempt to compromise internal networks.


ThemeGrill Demo Importer

The ThemeGrill WordPress plugin contains an easy-to-exploit software vulnerability that enables remote attackers to compromise websites and blogs. The plugin is installed on more than 200,000 sites.



A cybersecurity firm published a report claiming that unsigned firmware persists as a major problem in device and peripheral products. Many manufacturers don’t sign the firmware they ship, or fail to enforce checks every time drivers are loaded.


IOTA cryptocurrency

IOTA Foundation, the nonprofit behind this cryptocurrency, shut down its network after hackers exploited a vulnerability in the IOTA wallet app. In order to break in and steal funds, the hackers exploited a third-party integration. The IOTA network is still down while the foundation investigates the hack.


Energy-industry attack

The Department of Homeland Security issued a warning to critical-infrastructure industries, after a ransomware attack targeted an unnamed natural-gas compression facility and took its servers out of operation for two days.


Like of the Year 2020

Researchers discovered a fraud scheme that targets Russian internet users in order to steal their payment-card information. The attack gets users to participate in a spoofed “Like of the Year 2020” contest.


MGM hotels

Information on 10.6m hotel guests was published on a hacking forum last week, including personal and contact details of celebrities, CEOs, reporters and government officials.


Georgia cyberattacks

The US State Department released a statement calling out Russia for the cyberattacks that hit the country of Georgia last fall.


Neebs Gaming

This YouTube gaming channel, which has 1.88m subscribers, was hacked over the weekend. The hackers attempted to collect Bitcoin from viewers and subscribers.


ThemeREX Addons

Attackers are creating user accounts with admin permissions on WordPress sites by exploiting a vulnerability in the plugin ThemeREX Addons.



Hackers were inside Citrix networks for five months before they were discovered. The hackers stole personal and financial data on company employees, contractors, interns and others.


Microsoft subdomains

A security researcher discovered that Microsoft has trouble managing its thousands of subdomains, some of which have been hacked. A total of 21 subdomains were reported as misconfigured in 2017 and another 142 subdomains were reported in 2019, but only 5-10% have been fixed.



DISA informed victims that a data breach from May through July 2019 impacted their data.


Pasco and Kobe Steel

Two large Japanese companies experienced a data breach during the past few years. The companies reported that malware infected internal networks and files were stolen.


INA Group

A cyberattack crippled business operations at INA Group, Croatia’s largest oil company. Ransomware infected and encrypted some of the company’s backend servers.

