Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – March 22nd 2021

Mar 22, 2021By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Sky Global

The US Department of Justice indicted the CEO of encrypted-messaging company Sky Global for participating in a criminal enterprise to help drug traffickers evade law enforcement. The Hacker News:


Premier Diagnostics

Security researchers discovered exposed S3 buckets belonging to Premier Diagnostics, a US COVID-19 testing firm, that contained the personal information of 52,000 patients. Security Boulevard:



This email-security company announced that SolarWinds hackers broke into its internal network and downloaded source code from several repositories. The Hacker News:



Researchers disclosed vulnerabilities in Elementor and WP Super Cache plugins for WordPress that enable an attacker to run arbitrary code and take over a website. The Hacker News:


Windows, iOS, Android

A team of hackers exploited 11 zero-day vulnerabilities that used compromised websites to infect patched devices running Windows, iOS, and Android. Ars Technica:



Researchers disclosed a new attack where hackers use Xcode, Apple’s integrated development environment, as an attack vector to compromise Apple platform developers. The Hacker News:


Eastern Health, Melbourne

After experiencing a cyberattack, Eastern Health postponed elective surgeries and took its IT systems offline. IT News:



Hackers hit Taiwanese electronics and computer maker Acer with REvil ransomware, and are demanding $50 million in ransom. Bleeping Computer:


Spectre variant

Google released a proof-of-concept exploit that leverages the Spectre attack against Chrome browsers to leak data from websites. Threatpost:

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.