Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Polyverse Weekly Breach Report

Apr 17, 2018By Shaina Raskin

A snapshot look at the breaches and reported vulnerabilities of last week


Mark Zuckerberg mentioned a well-known Russian hacking group during his testimony before Congress last week. Prior to the 2016 US election, Facebook shut down accounts related to “Group APT28,” which is part of GRU, the main Russian foreign-intelligence agency. To read more:

Great Western Railway

Great Western Railway, a British train operator, is telling all of its customers to change their passwords after a cyberattack exposed accounts last week. About 1,000 customers are believed to have been affected. To read more:


Hackers defaced a variety of popular YouTube videos including Despacito. The thumbnails were changed and the message “Free Palestine” was added. To read more:


Inogen, a company that makes portable oxygen devices, notified 30,000 customers that their personal information was leaked after an employee’s email was hacked. To read more:

Various Websites

Hackers have been exploiting legitimate websites by disguising malware as fake software updates. The websites are running the popular content-management systems SquareSpace, WordPress and Joomla. To read more:


Some 438 Bitcoins (currently valued at around US$3.5 million) belonging to customers of this Indian Bitcoin exchange were stolen on April 9th. To read more:

Reported Vulnerabilities

Power-line attacks

Researchers have shown that an air-gapped PC is not safe from a determined hacker: even a CPU’s low-frequency magnetic radiation can be harnessed to leak data. To read more:

Adobe Flash

Adobe patched 19 critical vulnerabilities in Flash and InDesign. To read more:


A research lab found that top vendors including HTC, Huawei and Motorola are leaving some of their Android-powered technology unpatched. To read more:

Want to learn more?

Sign up below and receive weekly breach reports directly in your inbox.

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.