Items tagged with security
Earlier this month, Microsoft children's account users complained that non-Microsoft browsers (including Google Chrome) were either crashing or unable to launch. Microsoft has clarified the situation and is actively working to resolve the issue.
To help protect children from harmful content online, Microsoft Family...
Read more...
It might be high time to rotate your least-changed passwords, if not all of them. The research team at Cybernews has been quietly tracking stolen credential datasets released this year, and the figures aren't good: a total of 16 billion records leaked (so far), including government accounts, Apple, Google, Facebook...
Read more...
The long-held belief that MacBooks are impervious to malware has been overwhelmingly debunked, and that's probably stale by now. We've published several stories on malware infestations targeting macOS. The new story here, sedulously baked from the giant ovens of North Korean hackers, is a wave of malware attacks on...
Read more...
Linux server administrators, it's time to get your patch on. The boffins at Qualys, a security firm well known for its excellent SSL configuration tester, found a pair of security vulnerabilities that combined can grant any unprivileged user instant root (administrator) access.
The first vulnerability in this...
Read more...
Security researchers have revealed that the ASUS Armoury Crate software has a serious vulnerability (tracked as CVE-2025-3464) that could allow hackers to gain admin access to computers.
The ASUS Armoury Crate software was designed to help users control and customize system settings like RGB lighting, fan speeds...
Read more...
A few months ago, a group of cybercriminals, Scattered Spider, launched sophisticated cyber attacks that bypassed key security infrastructures of several retail companies in the UK. The group has become even more notorious and has reportedly launched a new wave of attacks targeting insurance companies in the United...
Read more...
If you're like me, you spend part of your morning sifting through your inbox to separate the important stuff from the deluge of junk mail that fills it up each and every day (including Gmail accounts, despite Google's best efforts). Even with spam controls in place, it doesn't take much for an email address to become...
Read more...
A newly disclosed Secure Boot vulnerability is putting a large number of PCs at risk of bootkit attacks, with security researchers urging immediate patching. The flaw, tracked as CVE-2025-3052, was uncovered by Binarly Research and involves a signed UEFI module that allows attackers to bypass or disable Secure Boot...
Read more...
A few weeks ago, we reported on Google adding a privacy feature that helps users remove personal information from search engines. To further protect users' personal information, Google has patched a vulnerability that allows attackers to bypass key security features and steal Google users' phone numbers.
To exploit...
Read more...
A new variant of the BADBOX malware campaign has taken root in over a million Android-based devices worldwide, and if you’ve picked up a cheap smart TV box or projector off Amazon or AliExpress lately, you might be part of the problem. BADBOX 2.0 is a sprawling botnet targeting Android Open Source Project (AOSP)...
Read more...
The FBI has announced that the Play ransomware gang has masterminded several sophisticated cyberattacks, which have compromised key security infrastructures in about 900 organizations in Europe, North America, and South America.
The Play ransomware gang, which became infamous for compromising the security...
Read more...
Crocodilus, a relatively new banking trojan targeting Android devices, is continuing to evolve since it was first spotted back in March by the Mobile Threat Intelligence team at Threat Fabric. The improvements aim to make the malware harder to detect alongside adding new features. Additionally, the threat actors that...
Read more...
Meta has responded to allegations that it violated Android users' rights to privacy by secretly using its apps to track browsing histories.
In case you're unfamiliar with this allegations, a group of security researchers reported that Meta is secretly monitoring the browsing activities of billions of Android...
Read more...
Microsoft has swiftly deployed an emergency patch to address a critical issue that has been preventing some Windows 11 systems from properly installing the May 2025 security update (KB5058405). The problem, which primarily impacts enterprise environments, has been causing machines to enter recovery mode and fail to...
Read more...
As tempting as it might be, avoid using 0000 as your four-digit PIN code. Same goes for 1010, 1111, 1122, and 1212, which comprises the top five worst PIN codes, according to a list compiled by security experts. Just like a password, you should avoid using PIN codes that are commonly used. Yes, they can be easier to...
Read more...
It might surprise you to learn this, but cybercriminals are usually fairly protective of the data they steal, because things like credentials and login details have value, and can be sold to the right buyer. That's why it's so unusual that this latest discovery was apparently found completely unencrypted and visible...
Read more...
A recent campaign by 3AM ransomware actors found the team using more proactive techniques rather than simple opportunistic hacks by pretending to be IT support. Using a combination of email bombing and spoof IT support calls, unwitting employees dropped their guards, giving the attackers access to their terminals (and...
Read more...
Microsoft has sounded the alarm on a pervasive piece of malware that has already infected hundreds of thousands of PCs. A few weeks ago, we reported on the Clop gang's involvement in the large-scale data leaks at Hertz. This time, Microsoft reports that the Lumma info stealer created by the notorious Russian malware...
Read more...
Yet another user info database has been leaked, which has unfortunately become a common occurrence in this day and age, no matter how much tech users and security professionals curse the cloud. This time around, it was the well-known and generally trusted crypto exchange. Coinbase. Unlike most breaches, though, this...
Read more...
If you're a Chrome user, take note that the Cybersecurity and Infrastructure Security Agency (CISA) has identified and reported three zero-day vulnerabilities, and one of these flaws could affect you.
The CISA reported that CVE-2025-4664 is already being exploited in the wild and that it impacts the Google Chromium...
Read more...
Valve has responded to reports of a major data breach in which Underdark.ai, a cyber threat intelligent service, highlighted a dark web forum post by a hacker claiming to be in possession of 89 million Steam user records. According to Valve, which has been pretty good at keeping on top of security, there is nothing...
Read more...
Intel is once again in the crosshairs of a fresh speculative execution exploit, this time dubbed "Branch Privilege Injection." The new vulnerability, revealed by researchers at ETH Zurich's COMSEC group, is capable of extracting sensitive kernel memory using techniques that bypass existing Spectre-class mitigations...
Read more...
