The US Securities and Exchange Commission (SEC) is set to charge SolarWinds Chief Information Security Officer Timothy Brown with fraud, accusing him of lying to investors about cybersecurity practices and hiding known risks. SolarWinds experienced a nearly-two-year cyberattack, attributed to Russian operatives. These charges stem from allegations that executives knew more about system vulnerabilities than was disclosed before the attack. SolarWinds paid $26 million to shareholders last year related to lawsuits concerning the breach.

Flaw in ESET security software used to spread malware from ToddyCat group
Researchers discovered a vulnerability in ESET’s cybersecurity software that could be exploited by state-backed hackers to secretly infect devices with malicious code. The flaw allows