Lunch Time Nibbles - 2022-08-24

Welcome to another Lunch Time breakout:

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Community Edition (CE) and Enterprise Edition (EE) starting from 11.3.4 before 15.1.5, 15.2 before 15.2.3,
Read more....

Pirated 3DMark benchmark tool delivering info-stealer malware
Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software. [...]
Read more....

Chrome 'Internet Download Manager' adware has 200,000 installs
Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. The extension has been sitting on the Chrome Web Store since at least June 2019, according to the earliest reviews posted by users. [...]
Read more....

Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise Users
The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. "This campaign specifically targeted chief executives and other senior members of various organizations which use [Google Workspace]," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu 
Read more....

Plex forces password resets after database access incident
The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...]
Read more....

Hackers Using Fake DDoS Protection Pages to Distribute Malware
WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. "A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware," Sucuri's Ben Martin said in a write-up published last week
Read more....