6. Google's Project Zero has finally disclosed a zero-day vulnerability in Apple macOS software it found last November. Apple hasn’t responded to the bug that is an issue with a copy-on-write bypass of the OS’s XNU kernel code. Hackers could take advantage of this to corrupt a computer’s memory. -- ZDNET
7. A new survey from ISACA has found understaffed cyber teams according to nearly 70 percent of cybersecurity professionals. Nearly a third say it takes six months or more to fill a vacancy at their organization. “Organizations ought to think out-of-the-box to ensure they have the right people, with the right skills, in the right place, at the right time,” the author says. -- ISACA BLOG
8. This is a deep dive into understanding how one Chinese state-sponsored hacking group operates. They are labeled APT40 and researchers show they take advantage of a number of known vulnerabilities to penetrate various government and private networks. -- FIREEYE BLOG
9. Santiago Lopez is the first to have made more than $1M in bug bounties and he is only 19. He has found thousands of bugs on HackerOne and his largest payout was $9,000. -- BLEEPING COMPUTER
10. Kaiser has put together this tool to search for how securely your local hospital treats your data and how it fares on patient safety. You can see the results for St. Louis hospitals below -- not everyone has responded. This post on Ars describes the reasoning behind the survey.