Signal will start phasing out SMS and MMS support from its Android app; users have a few months to transition away from SMS and export messages to another app (Sergiu Gatlan/BleepingComputer)

Sergiu Gatlan / BleepingComputer:
Alongside iOS 16, Apple releases iOS and iPadOS 15.7, macOS Monterey 12.6, and macOS Big Sur 11.7 to fix the eighth actively exploited 0-day since January 2022  —  Apple has released security updates to address the eighth zero-day vulnerability used in attacks against iPhones and Macs since the start of the year.

Sergiu Gatlan / BleepingComputer:
2K, owned by Take Two Interactive and publisher of Bioshock, Xcom, and popular sports games, says its help desk was hacked and sent customers links to malware  —  American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers …

Sergiu Gatlan / BleepingComputer:
The FBI and CISA say an Iranian-backed threat group hacked a US Federal Civilian Executive Branch and deployed XMRig cryptomining malware via the Log4Shell flaw  —  The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked …

Sergiu Gatlan / BleepingComputer:
Dropbox says hackers stole code and some API keys from 130 GitHub repositories via a phishing campaign, but its core apps and infrastructure were unaffected  —  Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub …

Deeksha Bhardwaj / Hindustan Times:
India proposes a legal framework to regulate over-the-top communications services, including encrypted apps like WhatsApp and Signal, and intercept messages  —  The bill, if implemented in its current form, will have reaching ramification for the industry that is based on the premise of privacy and security of encrypted messages

Sergiu Gatlan / BleepingComputer:
Fortinet confirms a critical remote authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager is being exploited; a patch is available  —  Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild.