Ionut Arghire

OpenSSF has added four new members and is receiving $5 million in funding for its Alpha-Omega open source software security project.

A new phishing-as-a-service (PaaS) tool has been observed targeting businesses, mainly in the manufacturing, healthcare, technology, and real estate sectors.

Google is improving Android security with new Safe Browsing real-time API, credential manager jetpack API, and new SDK API for developers.

Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft.

Google is now letting Gmail users in the US run scans to learn whether their Gmail ID appears on the dark web.

SquareX emerges from stealth mode with $6 million in seed funding for the development of its security-focused browser extension.

Blockchain company Webb Technologies has raised $7 million in seed funding for its privacy tools and protocol.

SAP released 18 new security notes on May 2023 Security Patch Day, including two that resolve critical vulnerabilities in 3D Visual Enterprise License Manager...

Microsoft’s May 2023 security updates address a total of 40 newly documented vulnerabilities, including two flaws already exploited in attacks.

GitHub makes push protection generally available to warn developers whenever they include a secret in a commit.

Data protection startup Optery has raised $2.7 million in a seed funding round led by Bayhouse Capital.

Microsoft warns that two Iranian state-sponsored groups have adopted exploits targeting a recently patched PaperCut vulnerability.

US authorities have seized 13 internet domains associated with DDoS-for-hire services.

Google announces the general availability of ‘rules_oci’ Bazel plugin to improve the security of container images.

The Alphv/BlackCat ransomware group claims to have stolen more than 1TB of data from Constellation Software.

An XSS vulnerability in the Advanced Custom Fields WordPress plugin exposes more than 2 million sites to attacks.

NextGen Healthcare is informing roughly 1 million individuals that their personal information was compromised in a data breach.

The recently identified Fleckpe Android trojan has infected over 600,000 users in Southeast Asia via Google Play.

Fortinet has released patches for two high-severity vulnerabilities impacting FortiADC, FortiOS, and FortiProxy.

Three vulnerabilities in the Azure API Management service could be exploited for internal asset access, DoS, firewall bypass, and the upload of malicious files.