Latest issue of my curated #cybersecurity and #infosec list of resources for week #04/2024 is out! It includes the following and much more:
➝ 
#23andMe admits it didn’t detect #cyberattacks for months
➝ #Trello API abused to link email addresses to 15 million accounts
➝ 
#LoanDepot Breach: 16.6 Million People Impacted
➝ 
#Microsoft network breached through password-spraying by Russian-state hackers
➝ Russian #TrickBot Mastermind Gets 5-Year Prison Sentence for #Cybercrime Spree
➝ #HPE says it was hacked by Russian group behind Microsoft email #breach
➝ 
Russian Hackers Suspected of #Sweden Cyberattack
➝ 
Aviation Leasing Giant #AerCap Hit by #Ransomware Attack
➝ 
➝ 
Chinese Hackers Silently Weaponized #VMware Zero-Day Flaw for 2 Years
➝ 
Ring Will No Longer Allow Police to Request Doorbell Camera Footage From Users
➝ 
➝ 
#France Fines #Yahoo 10 Mn Euros Over Cookie Abuses
➝ 
Cracked #macOS apps drain wallets using scripts fetched from DNS records
➝ 
Malicious #NPM Packages Exfiltrate Hundreds of Developer #SSH Keys via #GitHub
➝ 
NS-STEALER Uses Discord Bots to Exfiltrate Your #Secrets from Popular Browsers
➝ 
X adds #passkeys support for #iOS users in the United States
➝ 
Critical #Jenkins Vulnerability Exposes Servers to RCE Attacks - #Patch ASAP!
➝ 
AI will increase the number and impact of cyber attacks, intel officers say
➝ 
Exploit released for Fortra #GoAnywhere MFT auth bypass bug
➝ 
️ #Pwn2Own Automotive: Hackers Earn Over $700k for #Tesla, EV Charger, Infotainment Exploits
➝ Mass exploitation of #Ivanti VPNs is infecting networks around the globe
➝ Apple Issues #Patch for Critical Zero-Day in #iPhones, Macs - Update Now
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-042024
