
Threat Intelligence Cybersecurity Hacking News December 27, 2022

Updated: Jan 2

Welcome to the year's final week! While you may be excited to do some gift card giveaways, we would like to warn you that the cards may have been compromised. Researchers discovered a working exploit for a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin that is currently used by over 50,000 sites. In other news, security researchers discovered a Linux kernel vulnerability with the highest possible CVSS score. The flaw may allow arbitrary code to be executed in the context of the kernel.

Moving on, a cybercriminal on the black market claimed to have stolen the personal information of billions of users. The adversary is said to have data on several people.

Top Breaches Reported in the Last 24 Hours

Massive claim based on Twitter user data

A threat actor on a hacker forum allegedly stole personal information from 400 million Twitter users, including email addresses and phone numbers. In the forum post, the hacker also urged Twitter CEO Elon Musk to make a deal with him to buy the data. The database may contain information on three dozen people, including Ethereum cryptocurrency founder Vitalik Buterin.

A breach has occurred at a public Cincinnati college.

Cincinnati State Technical Community College revealed that it was the victim of a cyberattack in the first week of November as a result of unauthorised network access. Hackers were able to obtain a variety of data, including Social Security numbers, licence information, and health insurance and financial account information.

BitKeep was robbed of $8 million.

PeckShield, a blockchain security and analytics firm, estimated that hackers may have drained over $8 million in various crypto assets from BitKeep wallet users. Users reported unsolicited transactions on Twitter. The company confirmed the situation on its Telegram channel, citing some bogus APK downloads.

Top Malware Reported in the Last 24 Hours

GuLoader's anti-analysis method

CrowdStrike revealed a new technique used by the Visual Basic Script-based malware downloader GuLoader to avoid detection. The payload is designed to drop a next-stage loader from a remote server in a three-stage process. Before injecting embedded shellcode into memory, this malware performs anti-analysis checks and anti-debugging tricks at each stage.

Top Vulnerabilities Reported in the Last 24 Hours

A WordPress bug threatens 50k sites.

A critical flaw has been found in the WordPress plugin YITH WooCommerce Gift Cards, which has over 50,000 installations worldwide. Threat actors are actively exploiting the bug, which is identified as CVE-2022-45359. Unauthenticated hackers can upload files to vulnerable sites and take complete control of a compromised site.

CVSS 10.0 flaw in Linux

A critical Linux kernel bug has been discovered, leaving ksmbd-enabled SMB servers vulnerable to attack. A CVSS score of 10 indicates that the bug can be exploited by an unauthenticated, remote actor to execute arbitrary code on vulnerable devices. The flaw is in the way SMB2_TREE_DISCONNECT commands are processed.
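The first question for a defender reading the ksmbd item is whether a host is a ksmbd-enabled SMB server at all. The script below is an added example, not part of the original digest; the function names are hypothetical, and it assumes ksmbd is built as a loadable module and listens on the standard SMB port 445.

```bash
#!/usr/bin/env bash
# Added example: is this host a ksmbd-enabled SMB server?
# Assumes ksmbd is a loadable module (a built-in ksmbd is not listed in
# /proc/modules) and uses the standard SMB port 445. File paths are arguments
# so the same checks can run against copies collected from other hosts.

# ksmbd_loaded [modules_file]: succeeds if a module named exactly "ksmbd" is loaded.
ksmbd_loaded() {
    awk '$1 == "ksmbd" { hit = 1 } END { exit !hit }' "${1:-/proc/modules}" 2>/dev/null
}

# smb_listening [tcp_table...]: succeeds if any table in /proc/net/tcp format
# has a socket in LISTEN state (st 0A) on local port 445 (hex 01BD).
smb_listening() {
    [ "$#" -gt 0 ] || set -- /proc/net/tcp /proc/net/tcp6
    for table in "$@"; do
        [ -r "$table" ] || continue
        if awk 'NR > 1 && $4 == "0A" { n = split($2, a, ":"); if (a[n] == "01BD") hit = 1 }
                END { exit !hit }' "$table"; then
            return 0
        fi
    done
    return 1
}

# ksmbd_exposure [modules_file [tcp_table...]]: prints not-loaded,
# loaded-not-listening, or loaded-listening.
ksmbd_exposure() {
    modules="${1:-/proc/modules}"
    if [ "$#" -gt 0 ]; then shift; fi
    if ! ksmbd_loaded "$modules"; then
        echo "not-loaded"
    elif smb_listening "$@"; then
        echo "loaded-listening"
    else
        echo "loaded-not-listening"
    fi
}

ksmbd_exposure "$@"
```

A `loaded-listening` result is a triage signal only: port 445 can also be held by a userspace SMB server while the module happens to be loaded, so confirm which service owns the listener before prioritising the host for patching.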
