Ionut Arghire

Adobe is inviting security researchers to join its private bug bounty program on the HackerOne platform.

Faronics patches critical-severity remote code execution (RCE) vulnerabilities in the Insight education software.

Chrome 114 stable brings 18 security fixes, including 13 for vulnerabilities reported by external researchers.

Security researchers have discovered spyware code in 101 Android applications that had over 421 million downloads in Google Play.

A decade-old critical vulnerability in Jetpack was force-patched on five million WordPress sites over the past few days.

PyPI will require all accounts that maintain a project to enable two-factor authentication (2FA) by the end of 2023.

Dental benefits manager MCNA is informing roughly 9 million individuals that their personal data was compromised in a data breach.

Multiple vulnerabilities in PrinterLogic’s enterprise management printer solution could expose organizations to various types of attacks.

The recently identified Buhti operation uses LockBit and Babuk ransomware variants to target Linux and Windows systems.

Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates for free.

NCC Group announces new open source tools for finding hardcoded credentials and for distributing cloud workloads.

Website impersonation detection and prevention company Memcyco raises $10 million in seed funding.

Apria Healthcare is informing 1.86 million individuals of personal information compromise in 2019 and 2021 data breaches.

European XDR and threat intelligence provider Sekoia.io has raised €35 million ($37.5 million) in Series A funding.

GitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825.

The AhRat trojan was injected in a screen recording application that had amassed more than 50,000 downloads via Google Play.

The US government has announced sanctions against four entities and one individual engaging in cyber activities on behalf of the North Korean government.

The newly detailed GoldenJackal APT has been targeting government and diplomatic entities in the Middle East and South Asia since 2019.

Iranian threat actors use a Windows kernel driver called ‘Wintapix’ in attacks against Middle East targets.

Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications.