Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – May 17th 2021

May 17, 2021By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



A dark web infrastructure study discovered that a hacker controlled more than 27% of the entire Tor network exit capacity in February 2021. The Hacker News:


Fake Amazon reviews

Researchers discovered an open ElasticSearch database that contained messages between Amazon vendors and customers about fake reviews. Slash Gear:



Adobe released patches to fix vulnerabilities across 12 products, including a zero-day bug in Adobe Reader. The Hacker News:


Metropolitan Police Department

The hackers behind Babuk ransomware leaked more personal files belonging to the Metropolitan Police Department as negotiations with the police broke down. The Hacker News:



A dozen WiFi flaws made it possible for hackers to steal transmitted data and bypass firewalls to attack home networks. The Register:


Alaskan court system

The Alaskan court system restored its email after being down for two weeks following a cyberattack. The court system does not know who was behind the attack or why it was targeted. Associated Press:



An XML External Entity injection bug enables attackers to steal a victim’s files remotely. The Daily Swig:



Fake COVID-19 test results, vaccination cards, and vaccines are emerging on the dark web as hackers are commoditizing the pandemic. The Hacker News:


Rapid7 announced that hackers accessed some source code repositories due to the security breach at third-party coverage tool Codecov. Bleeping Computer:


Website favicons

Hackers distribute PHP web shells hidden inside favicons to gain access and compromise servers of online shopping platforms. The Hacker News:


Herff Jones

A company that rents graduation attire to Indiana University students is alerting customers that a data breach exposed their payment information. Indiana Public Media:


DarkSide ransomware – Colonial Pipeline

The DarkSide ransomware hackers that caused the outage at Colonial Pipeline announced that they are shutting down after an unknown entity seized its servers. Krebs on Security:


Ireland’s health service

Irish health services shut down computer systems during a ransomware cyberattack to protect them from the attack. Bloomberg:

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.