The company exposed credentials to the Salesforce Marketing Cloud, a provider of digital marketing automation and analytics software and services. Cybernews has reached out to the car manufacturer, and the dataset has been secured.

The NullMixer package is including new polymorphic loaders by third-party MaaS and PPI service providers in the underground markets, and also pieces of controversial, potentially North-Korean-linked PseudoManuscript code.

Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

On the third day, contestants were awarded $185,000 after demonstrating 5 zero-day exploits targeting the Ubuntu Desktop, Windows 11, and the VMware Workstation software.

The attack was disclosed on March 19, and threat actors had access to customer and employee information. The agency is going to notify impacted customers and employees via breach notification letters.

On the second day of Pwn2Own Vancouver 2023, the bug hunters demonstrated zero-day attacks against the Oracle VirtualBox virtualization platform, Microsoft Teams, Tesla Model 3, and the Ubuntu Desktop OS.

The Pwn2Own Vancouver 2023 has begun, this hacking competition has 19 entries targeting nine different targets – including two Tesla attempts. On the first day, it awarded $375,000 (and a Tesla Model 3) for 12 zero-day vulnerabilities discovered.

The Cybernews research team discovered that the South Korean social platform, powderroom.co.kr – which markets itself as the nation’s biggest beauty community – was leaking the private data of a million users.

Cybernews researchers discovered an unprotected 20GB of server logs that contained nearly 30 million entries, with the oldest dated May 2022. The logs exposed subscribers’ IP addresses and user data about devices, operating systems, and web browsers.

“The new variant of the FakeGPT Chrome extension, titled 'Chat GPT For Google,' is once again targeting your Facebook accounts under a cover of a ChatGPT integration for your Browser,” reads the post published by Guardio Labs.