Weekly Breach Report – April 19th 2021

Apr 19, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



Researchers disclosed nine vulnerabilities impacting the Domain Name System protocol in network communication stacks running on more than 100m devices. Source: Bleeping Computer.



A researcher published proof-of-concept exploit code for a new flaw impacting Chrome and other Chromium-based browsers. The exploit uses a remote code-execution vulnerability in the V8 JavaScript rendering engine. Source: The Hacker News.



A vulnerability in one of the Go libraries that Kubernetes is based on enables denial-of-service attacks against the CRI-O and Podman container engines. Source: Threatpost.


APKPure Store

Hackers infected APKPure Store, an alternative to the Google Play Store, with malware enabling them to distribute trojans to Android devices. Source: The Hacker News.


Brown University

America’s Brown University was hit by a cyberattack that forced it to shut down some of its Microsoft Windows-based computer programs. Source: GovTech.


Albert Heijn, Netherlands

The Netherlands’ largest supermarket chain suffered a shortage of cheese thanks to a ransomware attack that hit a food-transportation and logistics company. The attack halted deliveries from warehouses to the grocery store. Source: Hot for Security.



This risk and compliance startup confirmed a data breach after a third party obtained credentials to the company’s AWS cloud-storage servers. Source: TechCrunch.



This Indian stock-trading company revealed a security breach after a hacker gained access to millions of customers’ personal information. Source: Graham Cluley.


Counter-Strike: Global Offensive

Hackers are taking control of victims’ computers by tricking them into clicking on a Steam invite to play Counter-Strike: Global Offensive. Source: Vice.



Microsoft delivered Patch Tuesday updates, which consisted of fixes for more than 100 CVEs, including four Exchange Server vulnerabilities reported by the NSA. Source: The Register.


JavaScript exploit

Researchers discovered a new Rowhammer attack technique that can trigger an attack from JavaScript on DDR4 RAM cards. Source: The Hacker News.



A gay dating app confirmed that it had experienced a data breach in February. A hacker gained access to the company’s accounts database. Source: TechCrunch.


ProxyLogon web shells

The FBI cleared hundreds of malicious web shells from computers that were compromised via the ProxyLogon Microsoft Exchange vulnerabilities. Source: Threatpost.



A hacker gained access to Codecov’s Bash Uploader script and modified it using a vulnerability in Codecov’s Docker image-creation process. The altered version of the script could expose customer credentials, tokens or keys, and enable access to other services. Source: Codecov.


Malicious PDFs

Hackers are using business forms such as invoices, templates, questionnaires and receipts to deliver Remote Access Trojans via malicious PDFs. Source: The Hacker News.


Software applications

Researchers discovered several one-click vulnerabilities in popular apps such as Telegram, Nextcloud, VLC, LibreOffice and more that can execute arbitrary code on target systems. Source: The Hacker News.


Houston Rockets

The US basketball team is working with the FBI to investigate a cyberattack that attempted to install ransomware on the team’s internal systems. Source: Montreal Gazette.