The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX.
Follow Dark Reading:
 April 12, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs
The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX.
'Blatantly Obvious': Spyware Offered to Cyberattackers via PyPI Python Repository
Malware-as-a-service hackers from Spain decided to use a public code repository to openly advertise their wares.
Attackers Hide RedLine Stealer Behind ChatGPT, Google Bard Facebook Ads
The campaign shrouds the commodity infostealer in OpenAI files in a play that aims to take advantage of the growing public interest in AI-based chatbots.
Microsoft Azure Shared Key Misconfiguration Could Lead to RCE
Azure admins are urged to disable shared key access and implement Azure Active Directory authentication.
Israeli Irrigation Water Controllers & Postal Service Breached
Israel's National Cyber Defense is warning of increased cyberattacks by anti-Israel groups during the month of Ramadan.
Samsung Engineers Feed Sensitive Data to ChatGPT, Sparking Workplace AI Warnings
In three separate incidents, engineers at the Korean electronics giant reportedly shared sensitive corporate data with the AI-powered chatbot.
How Password Managers Can Get Hacked
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses.
Where Are the Women? Making Cybersecurity More Inclusive
Stepped-up recruiting efforts along with better work-life balance policies and mentoring and recruitment programs will help balance the scales.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly
Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns.

Rethinking Cybersecurity's Structure & the Role of the Modern CISO
A CISO with a focused role will be better prepared to thrive in an organization and accelerate adoption and understanding of cybersecurity.

Apps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a Pop
The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security.

MORE
EDITORS' CHOICE
7 Things Your Ransomware Response Playbook Is Likely Missing
Incident response experts share their secrets for success when it comes to creating a professional-grade ransomware response playbook. Are you ready for the worst?
LATEST FROM THE EDGE

Name That Edge Toon: Tower of Babble
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

CrowdStrike Expands Falcon to Include IoT
CrowdStrike Falcon Insight for IoT covers Internet of Things, Industrial IoT, Operations Technology, as well as medical devices.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Noname Security Announces Hardened API Security Platform
Cybereason Secures $100M in Funding Led by SoftBank Corp.
Industrial Defender Launches Phoenix: OT Visibility & Security Solution for Small to Midsized Operations
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us