Summary: Four memory corruption vulnerabilities are being actively exploited on Android devices & nearly 2 dozen popular Android apps exposed over 100M users’ sensitive information in cloud databases. Over 600K sites using WP Statistics required a patch to fix a blind SQL injection vulnerability. WP User Avatar undergoes a dramatic rebranding to ProfilePress, adding divergent functionality & causing a user revolt in reviews. More details emerge about the ransomware attack on Colonial Pipeline.
