A Romanian hacker claims to have found a hole in the website for security firm BitDefender. According to a post by someone using the alias Unu on hackersblog.org, an SQL injection vulnerability persists in the site's news section. Recently websites belonging to security firms F-Secure and Kaspersky Lab were compromised. And a Portuguese partner site belonging to BitDefender also was hit. All three companies deny that any personal information was exposed to the attackers. — CAM
This week in the Security News: When you just wanna hurl, malicious containers, FCC bans stuff, these are not the CVE's you're looking for, Linux password mining, mind the gap, hacking smart watches, & more!
Threat actors were able to steal at least $15 million in cryptocurrency from separate but connected attacks against Web3 infrastructure provider Ankr and cryptocurrency platform Helio, reports The Record, a news site by cybersecurity firm Recorded Future.
Jscrambler researchers say while this latest reported Magecart attack dates back to December 2021, the attackers launched the attack by taking over a defunct internet domain that was decommissioned in December 2014.