Security researchers Sreeram KL and Sivanesh Ashok have won over $22,000 in bug bounties after discovering vulnerabilities in four Google Cloud Platform projects. The most lucrative project was Vertex AI, with the duo earning $5,000 for identifying a server-side request forgery bug and then a further $5,000 for detecting a subsequent patch bypass. Google has addressed the issue by adding cross-site request forgery protection.
US charges suspected LockBit ransomware developer
The US Department of Justice has charged Rostislav Panev, alleged developer for the LockBit ransomware group, with 41 counts including wire fraud and extortion. Panev,