Threatpost

2.5 million people were affected, in a breach that could spell more trouble down the line. https://t.co/oayJTmVBsj

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. https://t.co/55eQd9zhbb

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data. https://t.co/DdrAtJd4lF

Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites. https://t.co/22dqlwv9GQ

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction. https://t.co/15XqKjCJtj

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. https://t.co/HXbICFHdrC

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. https://t.co/yzvYa700LW

Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites. https://t.co/22dqlwvHwo

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack. https://t.co/66KBNkElgV

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services. https://t.co/UsnFajmDQ5