Microsoft has analyzed EnglishmansDentist exploit used against the Exchange 2003 mail servers on the out-dated Windows Server 2003 OS. Exploit was released by ShadowBrokers back in April 2017.
ESET researchers have analyzed a Stantinko botnet consisting of almost half a million machines used for ad-related fraud. It uses malicious Chrome extensions, but also creating and managing Facebook profiles and brute-forcing Joomla and WordPress websites.
A buffer overflow in the Source SDK in Valve's Source SDK allows an attacker to remotely execute code on a user's computer machine.
Secure messaging application Wire is now supporting end-to-end encrypted chats, file sharing and calls to businesses. But it's paid feature.
Briar, a secure messaging app for Android, was released for a public beta testing. It's using Tor, or P2P direct messaging over Wifi, Bluetooth. Very interesting project.
D. J. Bernstein has published blog about the secure key material erasure: "2017.07.23: Fast-key-erasure random-number generators"
Google Project Zero analyzed the security properties of the two major Trusted Execution Environment present on Android devices - Qualcomm’s QSEE and Trustonic’s Kinibi.
Prowler is a tool based on AWS-CLI commands for AWS account security assessment and hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark.
Hardentools is a utility that disables a number of risky Windows "features" exposed by Windows operating system.