Vulnerability Disclosure News, Articles and Updates

ImageMagick bug in Facebook could have allowed remote execution of code

Researcher gets a $40,000 bounty for finding an exploit that could have allowed an attacker to use ImageMagick to gain control of a Facebook server.

Researcher rewarded for finding Facebook Business Manager account takeover flaw

Security researcher Arun Sureshkumar earned $16,000 after disclosing a vulnerability in Facebook Business Manager that, if exploited, could have allowed attackers to take over a targeted victim's Facebook page.

Meeting the new vulnerability disclosure challenge

Michael Fimin considers the impact new EU General Data Protection Regulation (GDPR) laws will have on current vulnerability disclosure practices and recommends a number of best practices to help organisations measure up to the challenge.