Users of the popular file transfer app from Progress Software used by 1,700 software companies and 3.5 million developers are urged to patch immediately.
The vulnerability dubbed "Migraine" by Microsoft researchers could let attackers automatically bypass system integrity protection in the macOS. Apple patched the bug on May 18.
Trend Micro researchers say new kernel was an updated version that included inherited samples from earlier research published by Mandiant, Sophos, and Sentinel One.
The vulnerability exists in versions prior to 2.54 of KeePass 2.x and exposes the risk of malicious actors recovering the clear text master password from various memory sources.
Users who already have TikTok installed are exempt from the new law, a major reason security pros believe it will be impossible to enforce, since users can download the app over the next several months before the law goes into effect, download it in another state once the law goes live, or use a VPN.