Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Polyverse Weekly Breach Report – May 18th 2020

May 18, 2020By Shaina Raskin


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Android apps expose users’ data

More than 4,000 Android apps that use Google Cloud-hosted Firebase databases are leaking sensitive user data thanks to security misconfigurations. To read more:



If you are running vBulletin software make sure you patch it immediately, due to a critical security vulnerability. To read more: 


Hackers hit media law firm

The website of Grubman Shire Meiselas & Sacks, a law firm used by celebrities such as Lady Gaga, Drake and Madonna, is down, and hackers are claiming to have stolen gigabytes of data. To read more:


ShinyHunters hack

An estimated 73m user records from ten companies, including the StarTribune, Chatbooks and Zoosk, were put up for sale on the dark web by the ShinyHunters hacking group. To read more:


Video-conferencing software scams

Hackers are capitalizing on the COVID-19 pandemic by registering domains impersonating Zoom, Microsoft Teams and Google Meet and using them for phishing scams. To read more:


Malware targets air?gapped networks

Researchers discovered a new malware called Ramsay attacking high-value computers in air-gapped networks. To read more:


Flawed Microsoft patch

Microsoft released a patch to prevent reverse-RDP attacks that was easily bypassed by hackers. The company subsequently rectified the error and re-patched affected systems. To read more: 



Huawei denied any involvement in the Linux kernel patch that was submitted by an employee and subsequently arose security concerns. To read more:



This public-internet cybercrime store is now selling access to more than 43,000 hacked servers. To read more:


Chinese hacking of US COVID-19 research

The US government formally accused China of hacking American organizations working on COVID-19 research. To read more:


Magellan Health

US healthcare-insurance giant Magellan Health announced that it was hit by a ransomware attack and data breach. To read more:


COMpfun remote access trojan

A new malware campaign is using HTTP status codes to control compromised systems at “diplomatic entities” in Europe. To read more: 


Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.