Hackers exploited Snowflake account credentials to access “nearly all” AT&T customers’ call and text records from May to October 2022. Advance Auto Parts suffered a data breach, compromising 2.3+ million individuals’ information. Other significant news includes a patched Microsoft zero-day exploited for over a year, a critical RADIUS protocol vulnerability leaving network equipment susceptible to MitM attacks, and a revelation that the rapid adoption of public PoC exploits by the Chinese APT40 group.

New macOS Stealer Mimics Apple’s Crash Report Framework to Steal Browser Credentials
CrashStealer, a native C++ macOS infostealer that disguises itself as Apple’s built-in crash-reporting utility to harvest browser credentials, cryptocurrency wallets, password manager data, and keychain


