Attacks include a hard-coded password vulnerability that could give attackers unauthorized access to systems.

One of the bugs could allow a successful attack simply by a user viewing an email in Outlook’s Preview pane.

Emails try to get recipients to share revealing photos of themselves so scammers can later extort them later.

The attack could have been averted through a technique called subresource integrity, according to researcher Scott Helme.

The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says.

Researchers have identified a new ransomware strain that went undetected by built-in malware protection used by cloud heavyweights Microsoft and Google as recently as January.

The move adds to Google’s efforts against malicious apps on the Play store.

Hotspot Shield has been downloaded more than 500 million times, according to its creator AnchorFree.

Octoly’s incident response was sorely lacking, says the Upguard researcher who found the exposed repository.

The vulnerability has a CVSS base score of 10.0, the highest possible, and now affects 15 products.