Earlier today we reported that the same group that hit NVIDIA and stole source code along with employee logins also hit Samsung and stole around 190GB of source code data related to how galaxy mobile devices operate. The data, according to the Lapsus$ group, covers the bootloader for the trust zone and trusted apps, how galaxy devices encrypt data and other code operating fundamentals.

Mozilla is urging users to update to the latest version of Firefox after two vulnerabilities (CVE-2022-26485 and CVE-2022-26486) have been found to be actively exploited in the wild. Both vulnerabilities are listed as use-after-free vulnerabilities. This type of vulnerability relies on issues in determining which part of an application is responsible for cleaning up used memory. By leveraging this an attacker can set up a situation where they can re-use a part of memory that was freed up by a legitimate process.

The Lapsus$ group, the same ones that broke into NVIDIA and Stole corporate data and had their attack VM encrypted, appear to have also broken into Samsung. Lapsus$ has leaked what they claim to be source code for several sensitive applications include apps that run in the Trust Zone on Samsung Mobile Devices.

As mobile devices continue to be a focus for attackers, we are hearing that there is new banking malware in the Google Play Store. The new malware belongs to a the SharkBot family and, according to researchers, is also a new generation thanks to included features found inside. The biggest difference between SharkBot and other banking malware is that SharkBot allows the developers to steal money in a highly automated fashion.