Hi folks,

It's a minimal issue today I'm afraid, I have a day off and it's a very busy one :-) The content will mostly be what you expect, but the news will have the standard summaries that the article itself provides instead of me writing my own take.

Looking at the final result, maybe I should start calling them "quick" issues instead of minimal. Gathering the breaches and vulnerabilities doesn't take up that much time. Writing my own summaries for news articles does though, and that's what I skip when going "minimal". Hmm. Quick issue it is!

Enjoy :-)

Dieter Van der Stock

Breaches and leaks

  • DNA testing service 23andMe investigating theft of user data: link.
  • Motel One discloses data breach following ransomware attack: link.
  • Sony attacked by two ransomware operators: link.
Dieter Van der Stock

Issues and fixes

  • Apple patches vulnerabilities on iPhone and iPad: link.
  • Microsoft Edge, Teams get fixes for zero-days in open-source libraries: link.
  • Android October security update fixes zero-days exploited in attacks: link.
  • cURL will release a fix soon for an unknown but serious vulnerability: link.
  • Exploit released for Microsoft SharePoint Server auth bypass flaw: link.
  • Arm warns of Mali GPU flaws likely exploited in targeted attacks: link.
  • TeamCity RCE flaw exploited by ransomware gang: link.
  • Atlassian Confluence bug under attack: link.
  • Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers: link.
  • ShellTorch flaws expose AI servers to code execution attacks: link.
Dieter Van der Stock