Episode 118: Four Android Vulnerabilities Under Active Attack

Four memory corruption vulnerabilities are being actively exploited on Android devices and nearly 2 dozen popular Android apps exposed over 100 Million users’ sensitive information in cloud databases. Over 600,000 sites using WP Statistics required a patch to fix a blind SQL injection vulnerability. WP User Avatar undergoes a dramatic rebranding to ProfilePress, adding completely divergent functionality and causing a user revolt in reviews. More details emerge about the ransomware attack on Colonial Pipeline, as DarkSide shuts down after losing access to their infrastructure. A popular Russian language hacking forum bans ransomware discussions, and an Apple executive claims there are unacceptable levels of Mac malware during the Epic Games lawsuit.