Money transfer app Duc exposed thousands of driver’s licenses and passports to the open web

An exposed Amazon-hosted server allowed anyone to access reams of customer data without needing a password.
SecurityWeek

New DeepLoad Malware Dropped in ClickFix Attacks

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...