Weekly Breach Report – July 26th 2021

Jul 26, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Diicot brute

A hacking group from Romania is behind an active cryptojacking campaign targeting Linux machines with an SSH brute-forcer. The Hacker News:



The Chinese government will require any Chinese citizen who finds a zero-day vulnerability to pass the details to the government and not provide it to anyone outside China. Security Week:


Pegasus spyware

Researchers discovered that the hard-to-detect Pegasus spyware made by Israel’s NSO Group is unsurprisingly being used to spy on and potentially endanger activists, dissidents, journalists, lawyers and others worldwide. The Hacker News:


HP, Xerox and Samsung printers

Researchers discovered a 16-year-old buffer-overflow vulnerability in a software driver still used by HP, Xerox and Samsung printers. The Hacker News:


Campbell Conroy & O’Neil

This US law firm, which counsels numerous large companies worldwide, belatedly disclosed a data breach following a ransomware attack back in February 2021. Bleeping Computer:

This Italian web-hosting company announced a data breach that exposed customer billing and personal data. The Daily Swig:


Saudi Aramco

Hackers stole a terabyte of proprietary data belonging to Saudi Aramco and put it up for sale on the darknet. Bleeping Computer:


Northern Trains, UK

Ticket machines operated by the state-run Northern Trains are out of commission after a suspected ransomware attack. Reuters:


Rogue NPM package

Researchers discovered that a package from the official NPM repository is a front for a tool that steals saved passwords from Chrome. The Hacker News:


Syrian e-Government Web Portal

An APT group deployed Android malware via the Syrian e-Government Web Portal to compromise targets. The Hacker News:


XCSSET malware

Hackers updated the XCSSET malware, adding more features to a toolset that targets macOS operating systems and exfiltrates sensitive data from Chrome and Telegram. The Hacker News:



ClearBalance, a loan-servicing company, experienced a phishing attack in March, and the hackers accessed highly confidential personal information. Business Wire:

A security breach at led to thousands of names and addresses of UK gun owners being published on the dark web. BBC:


Department of Economic Opportunity, Florida

Hackers breached Florida’s online unemployment-benefit system and stole data on over 57,000 unemployed individuals. WFLA:
