OpenAI Offering $100K Bounties for Critical Vulnerabilities

OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.
The post OpenAI Offering $100K Bounties for Critical Vulnerabilities appeared first on SecurityWeek.

Russian Ransomware Gang Exploited Windows Zero-Day Before Patch

Exploitation of a Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub).

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD

The effects of the backlog are already being felt in vulnerability management circles, where NVD data promises an enriched source of truth.

What’s Behind Google’s $32 Billion Wiz Acquisition?

News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect the startup ecosystem?

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

Apple warns that the WebKit bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”