
Weekly Breach Report – Jul 20th

Jul 20, 2020 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Twitter

Twitter accounts of major companies and VIP users were compromised in one of the most significant Twitter breaches to date. New York Times:


Chingari app

Researchers discovered a critical vulnerability in an Indian TikTok clone called Chingari. The vulnerability enables anyone to hijack any user account and change information. The Hacker News:


MGM Resorts

A hacker is selling details of 142 million MGM hotel guests on the dark web. ZDNet:



SAP

SAP patched a critical vulnerability in its NetWeaver Application Server Java platform. The flaw enabled attackers to take control of SAP applications running on top of NetWeaver. The Hacker News:


Windows DNS Servers

Researchers disclosed a 17-year-old remote-code-execution flaw in Windows Server versions from 2003 to 2019. The Hacker News:


Data Viper

A hacker claims to have stolen more than 8,200 databases from this US cybersecurity firm’s data-leak monitoring service. ZDNet:


Evil Corp

This Russian hacking group is launching ransomware attacks against several US companies, targeting employees who are working from home due to COVID-19. BBC:


COVID-19 research centers

US, UK, and Canadian officials are warning that Russian hackers have been targeting organizations developing coronavirus vaccines. CNN:



A DDoS attack targeted this new Indian social-media application, with some 2m malicious requests hitting the platform every minute. Deccan Herald:


Israel’s water system

In the past two weeks, Israel’s water infrastructure was hit by two cyberattacks. No damage to the water systems occurred. Times of Israel: 



This US online antiques marketplace announced that it had suffered a data breach that impacted the personal data and passwords of millions of users. The Daily Swig:


Telecom SA Argentina

A ransomware attack hit Argentina’s largest telecoms company. The hackers demanded US$7.5m in Monero cryptocurrency. Cryptonews:


Ripoff Report

A hacker who attempted to extort Ripoff Report, a consumer-advocacy company, was extradited to the US to face charges. ZDNet:

