Blog

DoorDash has confirmed a data breach. The food delivery company said in a blog post Thursday that 4.9 million customers, delivery workers and merchants had their information stolen by hackers. The breach happened on May 4, the company said, but added that customers who joined after April 5, 2018 are not affected by the breach. […] Source: DoorDash confirms data breach affected 4.9 million customers, workers and merchants – TechCrunch

Dunkin’ Donuts knew about online attacks going back to 2015, and didn’t tell the public for years, the lawsuit alleged. Source: New York sues Dunkin’ Donuts over hack affecting thousands of people

An update to Google Chrome damaged the file systems of macOS devices not running the System Integrity Protection security tool. Source: Google Chrome Update Damages macOS File System

An active APT campaign aimed at tech companies is underway, which also uses a legitimate NVIDIA graphics function. Source: ‘Narrator’ Windows Utility Trojanized to Gain Full System Control

Magecart (web skimming) attacks are evolving into a direction where they’re gonna be harder and harder to detect. Source: Hackers looking into injecting card stealing code on routers, rather than websites | ZDNet