Connect with us

Hi, what are you looking for?



In Other News: Microsoft Win32 App Isolation, Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of June 19, 2023.

Cybersecurity news roundup

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:

Oracle EU Sovereign Cloud

Oracle has launched a new EU Sovereign Cloud offering designed to help organizations across the European Union gain more control over data privacy and sovereignty requirements. Oracle EU Sovereign Cloud is located and operated entirely within the European Union and aligned with EU standards of practice.

NineID seed funding

Advertisement. Scroll to continue reading.

Belgian access management start-up NineID raised $2.6 million in seed funding to build a secure bridge between the digital and physical worlds of corporate security.  After raising $1.4 million in 2022 and launching its product, the company announced raising another $1.2 million, closing its $2.6 million seed round. 

Microsoft launches public preview of Win32 app isolation

Microsoft has launched a public preview of Win32 app isolation, created to “encapsulate and restrict” the execution of processes. Built on the foundation of AppContainers, Win32 app isolation is a new security feature designed to be the default isolation standard on Windows clients and will bring added security features to help defend against attacks that leverage vulnerabilities in applications.

Zyxel patches critical vulnerability in NAS devices

Zyxel released patches for a critical-severity pre-authentication command injection vulnerability (CVE-2023-27992) impacting some NAS models, warning that unauthenticated attackers could exploit the bug via HTTP requests to execute operating system (OS) commands remotely.

Tsunami botnet hits Linux SSH servers

AhnLab Security Emergency Response Center (ASEC) discovered an attack campaign that consists of the Tsunami DDoS bot being installed on “inadequately managed” Linux SSH servers. According to AhnLab, hackers managed to install the Tsunami bot malware, along with various other malware such as ShellBot, XMRig CoinMiner, and Log Cleaner.

DDoS botnets target IoT vulnerabilities

Palo Alto Networks warned of a new malware campaign exploiting dozens of vulnerabilities in routers, CCTV cameras, and other IoT devices to gain control over them and infect them with a variant of the Mirai botnet, capable of launching DDoS attacks.

Fortinet has observed attacks targeting a recent vulnerability in TP-Link Archer AX21 (AX1800) routers (CVE-2023-1389) to infect them with the Condi DDoS bot.

U.S. Tracked Huawei, ZTE Workers at Suspected Chinese Spy Sites in Cuba

U.S. officials reportedly tracked workers from Chinese telecom companies Huawei Technologies and ZTE entering and exiting suspected Chinese spy facilities in Cuba, the WSJ reports.

UPS users targeted in Smishing attacks 

UPS is notifying individuals in Canada of an ongoing SMS phishing (Smishing) campaign designed to steal their personal information, including names and addresses. 

“We are constantly vigilant when it comes to phishing and other attempts from bad actors. UPS is aware of reports relating to an SMS phishing (“Smishing”) scheme focused on certain shippers and some of their customers in Canada. UPS has been working with partners in the delivery chain to understand how that fraud was being perpetrated, as well as with law enforcement and third-party experts to identify the cause of this scheme and to put a stop to it,” UPS told SecurityWeek.

Mondelez employees exposed in law firm hack 

Personal information of more than 51,000 current and former workers at snack food giant Mondelez International was exposed in a data breach at law firm Bryan Cave Leighton Paisner LLC, Mondelez said. The breach occurred in February 2023 and was discovered on May 22, 2023.

Over 100,000 ChatGPT credentials on the dark web

Singapore-based cybersecurity firm Group-IB has discovered over 100,000 ChatGPT credentials in the logs of information stealers traded on the dark web. Between June 2022 and May 2023, Asia-Pacific had the largest number of stolen ChatGPT accounts.

GitHub repositories vulnerable to RepoJacking

Aqua Security says that millions of GitHub repositories might be vulnerable to RepoJacking, potentially exposing organizations to remote code execution attacks. RepoJacking occurs when a user or organization changes their name, resulting in GitHub creating new repository links and automatically redirecting projects to the new repository. However, the old username/organization name becomes available and the attacker can register it and create a malicious repository that breaks the redirection.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.