SecurityWeek reports that Facebook parent firm Meta has expanded its bug bounty program to include rewards for flaws that could be abuse to evade Facebook integrity checks, including two-factor authentication for some business manager accounts, as well as the platform's feature restrictions and application verification processes.
The Hacker News reports that SonarSource has identified a high-severity vulnerability in the open-source RainLoop web-based email client which could be leveraged for email exfiltration.