A week in security (January 16—22)

Last week on Malwarebytes Labs:

• Google to support the use of Rust in Chromium
• Law enforcement app SweepWizard leaks data on crime suspects
• Accountant ordered to pay ex-employer after bossware shows “time theft”
• TikTok dances to the tune of $5.4m cookie fine
• “Untraceable” surveillance firm sued for scraping Facebook and Instagram data
• Fighting technology’s gender gap with TracketPacer: Lock and Code S04E02
• Web skimmer found on website of Liquor Control Board of Ontario
• University suffers leaks, shutdowns at the hands of Vice Society
• Update now! Proof of concept code to be released for Zoho ManageEngine vulnerability
• CircleCI: Malware stole GitHub OAuth keys, bypassing 2FA
• LastPass users should move their crypto funds, experts warn
• Update now! Two critical flaws in Git’s code found, patched
• Google sponsored ads lead to rogue imitation sites
• Ransomware money laundering operation disrupted, founder arrested
• Credit card fraud group member could get up to 30 years in jail
• Mailchimp breach feels like deja vu

Stay safe!

https://blog.malwarebytes.com/feed/