Shopify Flaw Exposed Thousands of Merchants’ Revenue, Traffic Numbers
The flaw, which existed in a Shopify API endpoint, has been patched. Go to Source
Poll: Facebook Harvests Email Contacts for 1.5M Users – Is Enough, Enough?
Take our short poll on how far Facebook can push its luck. Go to Source
Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug. Go to Source
Cisco Patches Critical Flaw In ASR 9000 Routers
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said. Go to Source
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks. Go to Source
Researchers: Facebook’s Data-Leveraging Scandal Puts Users on Notice
After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy. Go to Source
State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks. Go to Source
ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst
The financial services industry sees nearly half of all website traffic coming from malicious bots. Go to Source
Oracle Squashes 53 Critical Bugs in April Security Update
Overall Oracle patched 297 flaws across multiple product as part of its April security update. Go to Source
RatVermin Spyware Targets Ukraine Gov Agencies
Researchers are pinning a recent phishing campaign against Ukraine government agencies on the Luhansk People’s Republic, a proto-state in eastern Ukraine which declared independence in 2015. Go to Source