Password manager utility KeePass has had to defend its reputation following the discovery of a potential vulnerability that could expose users’ secret data. However, the company states the issue only arises if an attacker already controls a compromised account. Additionally, OpenSSL project has released patches to address a variety of vulnerabilities, including a high-impact flaw. In related news, a system administrator on Reddit was victim of a phishing attack, gaining the attackers access to some internal documents and code.

The ARToken phishing panel targets Microsoft 365 accounts
Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences


