Cisco Talos recently discovered a use-after-free vulnerability (CVE-2021-21798) in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.
Krita has become the latest victim of ransomware. But rather than being attacked directly, its name is being used to spread malware among users via emails offering advertising revenue.
Before joining CISA as chief of staff, Todt served as managing director of the non-profit Cyber Readiness Institute (CRI). She also served as president and managing partner at Liberty Group Ventures.
The company also announced the acquisition of VisibleRisk, a cyber risk ratings venture created by Moody’s and Israel-based cybersecurity think tank and venture creation foundry Team8.
Azure users running Linux virtual machines may not be aware that Microsoft has installed a severely vulnerable piece of management software on their machines.
Switzerland’s national postal organization Swiss Post is offering bug bounty rewards of up to €230,000 (~$271,000) for critical vulnerabilities identified in a future digital voting system.
Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities, which allowed attackers to quickly gain administrative privileges on Windows devices.
Maura Healey, the attorney general, plans to investigate whether the Bellevue, Washington-based company had proper safeguards to protect customers’ personal information and mobile devices.
This indicates that many firms are not prioritizing their data security and are neglecting routine patching exercises. Based on Imperva scans, some CVEs have gone unaddressed for three or more years.
The warnings are part of the firm’s September monthly security update, which this month addresses 59 bugs found in 15 of its products, including in Photoshop, Premiere Elements, ColdFusion and InCopy.