Microsoft Offers Up to $15,000 in New AI Bug Bounty Program
Microsoft on Thursday announced the launch of a new bug bounty program focused on artificial intelligence. The program, which initially focuses on AI-powered Bing, offers…
Category: SecurityWeek
Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure
Dozens of vulnerabilities affecting the Squid caching and forwarding web proxy remain unpatched two years after a researcher responsibly disclosed them to developers. Squid is…
SEC Investigating Progress Software Over MOVEit Hack
The US Securities and Exchange Commission is launching its own investigation into the vulnerability in Progress Software’s MOVEit transfer tool that exposed data from more…
Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin
A threat actor has deployed a WordPress backdoor that can hide its presence by posing as a legitimate plugin, WordPress security firm Defiant reports. Identified…
Apple Releases iOS 16 Update to Patch Exploited Vulnerability
Apple has released iOS and iPadOS updates to patch a kernel vulnerability that has been exploited in attacks. The flaw, tracked as CVE-2023-42824, has been…
CISO Pay Increases Are Slowing – a Look Behind the Figures
CISO compensation levels are growing more slowly than recent years. Security budget increases are even more deflated this year. The details are provided in a…
LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts
A recently identified phishing campaign is relying on LinkedIn smart links to bypass email defenses and deliver malicious lures into Microsoft users’ inboxes, email security…
Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks
Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks, Cisco’s Talos threat intelligence and research…
Simpson Manufacturing Takes Systems Offline Following Cyberattack
Engineering and manufacturing firm Simpson Manufacturing says it has taken some of its IT systems offline following a cyberattack this week. Headquartered in Pleasanton, California,…
SYN Ventures Announces $75 Million Seed Fund for US Cybersecurity Firms
Venture capital firm SYN Ventures announced this week the first closing of a $75 million cybersecurity seed fund, which the company describes as “the largest…
Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk
The maintainers of the cURL data transfer project on Wednesday rolled out patches for a severe memory corruption vulnerability that exposes millions of enterprise OSes,…
Payment Card Data Stolen in Air Europa Hack
Air Europa, one of Spain’s largest airlines, is urging some customers to cancel their payment cards after the information may have been compromised as a…