Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
Twitter hack exposes emails of over 200 million users, threat actors exploit ChatGPT to write malicious code and the breach of Slack’s private GitHub repositories. Catch all this and more in this week’s edition of Cybersecurity Weekly.
See Infosec IQ in action
1. Cybercriminals leak email addresses of more than 200 million Twitter users
Hackers have reportedly stolen the email addresses of more than 200 million Twitter users and shared them on an online hacking form. Many cybersecurity outlets viewed the leaked data and confirmed that email addresses were actually of the listed Twitter profiles. Alan Gal, the co-founder of Israeli cybersecurity firm Hudson Rock and the first to spot the leak, stated that the leak would, unfortunately, result in a lot of targeted phishing, doxxing, and hacking.
2. Cybercriminals using ChatGPT to write malware code
Security company Check Point recently revealed that threat actors have already started to exploit ChatGPT to write malicious code. In one documented example, the firm spotted a thread on an underground hacking forum by a threat actor who stated he was experimenting with the AI chatbot to recreate malware strains. He went on to compress and share Android malware with the capability to steal files of interest. Plus, the adversary demonstrated another tool that installed a backdoor on a PC and could infect a computer with additional malware.
3. Slack's private GitHub code repositories stolen after a data breach
The renowned Salesforce-owned IM app Slack disclosed it suffered a security incident that led to the theft of some of its private GitHub source code repositories. Hackers managed to get hold of the repositories using the limited number of Slack personnel tokens that were spoofed. Slack invalidated the stolen tokens following the breach and is investigating the potential impact on customers. The company also stated that Slack’s user data and primary codebase weren’t affected.
4. CircleCI urges users to rotate secrets after a security breach
DevOps platform CircleCI recently asked its customers to rotate their secrets following a breach. The company is currently investigating the cause and said no unauthorized actors are active in its systems. But its chief technology officer Rob Zuber urged customers to rotate any secrets stored on the platform, which may be saved in contexts or environment variables. The company has recommended users review internal logs for signs of malicious activity from December 31, 2022, to January 4, 2023, suggesting that it was breached during the holidays.
5. Dridex malware pops back up and turns its attention to macOS
A new version of the banking trojan Dridex reportedly has macOS platforms in its sights. Threat researchers from Trend Micro found that it delivers payload via a Microsoft exe file, so it has not yet been converted to run in a MacOS environment. However, researchers noted that the variant overwrites document files that carry Dridex’s macros, implying that there’s a chance that threat actors behind this trojan will make further modifications to make it work on MacOS.
See Infosec IQ in action
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
In this Series
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Uber data leaked, 48 DDoS-for-hire domains seized and Facebook posts phishing attack
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
