bugs

Russian zero-day seller is offering up to $4 million for Telegram exploits

Security /

Operation Zero, a company that acquires and sells zero-days exclusively to the Russian government and local Russian companies, announced on Thursday that it’s looking for exploits for the popular messaging app Telegram, and is willing to offer up to $4 million for them. The exploit broker is offering up to $500,000 for a “one-click” remote […]

Russian zero-day seller is offering up to $4 million for Telegram exploits Read More »

Facebook awards researcher $100,000 for finding bug that granted internal access

Security /

In October 2024, security researcher Ben Sadeghipour was analyzing Facebook’s ad platform when he found a security vulnerability that allowed him to run commands on the internal Facebook server housing that platform, essentially giving him control of the server.   After he reported the vulnerability to Facebook’s owner Meta, which Sadeghipour said took just one hour

Facebook awards researcher $100,000 for finding bug that granted internal access Read More »

Symbiotic Security helps developers find bugs as they code

Startups /

Symbiotic Security, which is announcing a $3 million seed round today, watches over developers as they code and points out potential security issues in real time. Other companies do this, but Symbiotic also emphasizes the next step: teaching developers to avoid these bugs in the first place. Ideally, this means developers will fix security bugs

Symbiotic Security helps developers find bugs as they code Read More »

Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips

Security /

On Monday, chipmaker Qualcomm confirmed that hackers exploited a zero-day — meaning a security flaw that was unknown to the hardware maker when it was abused — in dozens of its chipsets found in popular Android devices. The zero-day vulnerability, officially designated CVE-2024-43047, “may be under limited, targeted exploitation,” according to Qualcomm, citing unspecified “indications”

Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips Read More »

Apple fixes bugs in macOS Sequoia that broke some cybersecurity tools

Security /

In September, Apple released the new version of its computer operating system macOS 15, also known as Sequoia, which broke the functionality of several cybersecurity products, including those made by CrowdStrike and Microsoft.  Three weeks later, on Friday, Apple released the first update to macOS 15, and it claims to have fixed those issues. In

Apple fixes bugs in macOS Sequoia that broke some cybersecurity tools Read More »

Apple’s new macOS Sequoia update is breaking some cybersecurity tools

Security /

On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the functionality of several security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to posts on social media, as well as messages posted in a Mac-focused Slack channel.  At this point, it’s

Apple’s new macOS Sequoia update is breaking some cybersecurity tools Read More »

Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say

Security /

A group of hackers linked to the Chinese government used a previously unknown vulnerability in software to target U.S. internet service providers, security researchers have found.  The group known as Volt Typhoon was exploiting the zero-day flaw — meaning the software maker was unaware of it before having time to patch — in Versa Director,

Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say Read More »