Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – April 12th

Apr 12, 2021By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


AMD Zen 3

The US chipmaker confirmed that the optimization inside Zen 3 CPUs is vulnerable to Spectre-style exploits. TechSpot:



Researchers detected more than 300 successful exploits of SAP vulnerabilities and insecure configurations. The targeted applications include enterprise resource planning, supply-chain management, human-capital management, and more. The Hacker News:


Vietnamese military and government

A Chinese-speaking hacking group is conducting a cyber-espionage campaign targeting government and military organizations in Vietnam. The Hacker News:



Researchers discovered a wormable Android malware disguised as rogue Netflix app called “FlixOnline,” and downloadable from the Google Play Store. It propagates via WhatsApp messages. The Hacker News:



Researchers discovered a critical vulnerability in VMware’s Carbon Black Cloud Workload appliance that can bypass authentication and take control of vulnerable systems. The Hacker News:


Fortinet VPN

Hackers are targeting unpatched Fortinet VPN devices to break into European companies. One hack led to the temporary shutdown of a firm’s production facility. The Hacker News:


Connecticut DMV

A cyberattack disabled the Connecticut DMV’s online emissions-testing system. The DMV detected the attack on March 30th, and the system is still offline. WSHU:


California Department of State Hospitals

California’s Department of State Hospitals discovered a data breach that impacted almost 3,000 people. Becker’s Health IT:


European Union

Several EU institutions experienced cyberattacks last week. There is no conclusive information yet about the attack. Insurance Journal:


Slack and Discord

Hackers are using Slack and Discord to evade security and deliver malware to victim’s systems. Threatpost:



Cisco announced that it does not plan to fix a critical security vulnerability that impacts its older Small Business routers. The company is urging users to replace the devices. The Hacker News:


Carding Mafia

Hackers breached a forum for stealing and trading credit cards, exposing 300,000 user accounts. CPO Magazine:



Researchers discovered a zero-day vulnerability in Zoom that launches remote code execution attacks on targeted machines. ZDNet:


University of Colorado

Hackers are attempting to extort the University of Colorado after a cyberattack that compromised the personal information of students and staff. The university has not paid the ransom. KRDO:


Education organizations

Hackers are targeting education organizations with cryptomining software that generates Monero, Litecoin, Bitcoin and Ethereum. ZDNet:


Call of Duty: Warzone

Activision published research showing how hackers had hidden malware as a cheat program for the video game Call of Duty: Warzone. Activision:

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.