An unknown party has released the scraped data of 2.6 million DuoLingo users on a hacking forum. While they offered the data set for sale in January for $1,500, it's now been released on a new version of the Breached hacking forum for 8 site credits, worth only $2.13. DuoLingo is an educational platform most famous for its language learning programs. According to a May 2023 press release, DuoLingo has 72.6 million monthly active users. READ MORE...
Meal delivery service PurFoods says the personal and protected health information of more than 1.2 million individuals was stolen in a ransomware attack in early 2023. Partnering with health, Medicare, and Medicaid plans, the Iowa-based organization is the parent of Mom's Meals, a service that delivers health-focused, refrigerated, ready-to-eat meals throughout the US. READ MORE...
The blast radius from the mass exploit of a zero-day vulnerability in the MOVEit file transfer service reached another milestone in its destructive spread: more than 1,000 organizations are impacted, according to Emsisoft and KonBriefing Research. The number of organizations hit by the wide-scale attack increased nearly 40% last week, underscoring the scope of impact and challenge organizations are encountering as they work to determine potential exposure. READ MORE...
The Crates.io Rust package registry was targeted recently in what appeared to be the initial phase of a malware attack aimed at developers, according to software supply chain security firm Phylum. It's not uncommon for threat actors to rely on typosquatting and software development package registries to deliver malware to Node.js and Python developers. In these types of attacks, hackers typically create packages with names that are misspelled - or typosquatted - variants of popular packages. READ MORE...
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. Sophos has been monitoring this campaign since mid-August, reporting that the threat actor performs payload injections, uses BlueVPS for malware stating, deploys obfuscated PowerShell scripts, and drops PHP webshells on victim machines. READ MORE...
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user's IP address - a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The security vulnerability has been discovered by a security researcher named Yossi, who privately reported it to Microsoft and demonstrated its effective exploitation to journalist Joseph Cox. READ MORE...
Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices. Juniper disclosed four medium-severity bugs in its EX switches and SRX firewalls and released security patches two weeks ago. The security flaws were found in the PHP-based J-Web interface that admins can use to manage and configure Juniper devices on their networks. READ MORE...