A security vulnerability in Facebook’s Messenger Rooms video chat feature meant attackers could access a victim’s private Facebook photos and videos, and submit posts, via their locked Android screen.

The analysts calculated that more than 410,000 records, and hundreds of thousands of customer records, were exposed in the leak — which they estimated dates as far back as 2015.

Cybersecurity readiness firm Immersive Labs has announced a $75 million Series C round, with investments from Citi Ventures, Menlo Ventures, and follow-on from Goldman Sachs Asset Management.

The Akkadian Provisioning Manager, a third-party provisioning tool used within Cisco UC environments, has three high-severity flaws that can enable RCE with elevated privileges, researchers said.

The San Francisco-based DevOps tool provider said in a blog post that the new NodeJS-based uploader will be shipped as a static binary executable suitable for Windows, Linux, Alpine Linux, and macOS.

The SEC is also looking to shore up public companies’ disclosures on how they oversee cybersecurity risks, according to another new item on its rulemaking agenda. A proposal is expected by October.

The UK government has issued a call-to-arms to the country’s burgeoning cybersecurity startups through a new program to help it defend the country from malicious online activity.

AT&T Alien Labs observed Moobot, a Mirai variant botnet, scanning for known but uncommon vulnerabilities in Tenda routers and also discovered a malware-hosting domain distributing few Mirai variants.

Hostile nation-states are long thought to have tolerated cybercrime groups operating from within their borders, as long as attacks are targeted at organizations in rival nations.

The email system is “totally safe and secure”, the IT ministry said while dismissing a report claiming that breaches at Air India, Big Basket, and Domino’s had exposed credentials of NIC emails.