Security researcher David Schütz says he received over $10,000 in bug bounty payouts from Google after reporting a Google Cloud project vulnerability and subsequent bypasses to rolled-out fixes.
Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation
The troubles for Israeli surveillance software maker NSO Group continue to pile up with news that Apple has filed suit to ban the company from using its software, services or devices.
PoC Exploit Published for Latest Microsoft Exchange Zero-Day
A security researcher has released proof-of-concept (PoC) exploit code for a recently patched code execution vulnerability affecting on-prem Microsoft Exchange Server installations.
Serious Vulnerability Found in Imunify360 Web Server Security Product
A vulnerability discovered in CloudLinux’s Imunify360 security product could have been exploited for remote code execution using specially crafted files.
Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications
Security researchers at Claroty have raised the alarm for a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN.
Philips Working on Patches for Vulnerabilities Found in Medical Products
Philips is working on patches for several vulnerabilities discovered by researchers in some of the company’s medical products.
U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have shared new details on in-the-wild attacks targeting a recently patched flaw in Zoho’s ManageEngine ADSelfService Plus product.
GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts
Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months.
Wind Turbine Giant Vestas Fending Off Cyberattack
Danish wind turbine giant Vestas Wind Systems has been hit by what appears to be a ransomware attack that took out parts of its internal IT infrastructure and caused unspecified data compromise.
Researchers Hack Conti Ransomware Infrastructure
Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti Ransomware-as-a-Service (RaaS), which allowed them to gain insight into the inner workings of the ransomware.
