Items tagged with security
Io_uring was introduced in 2019 with Linux kernel 5.1, and its purpose was to help improve the efficiency and flexibility of input and output operations on Linux. While this led to significant performance gains, it also led to critical blind spots for Linux security tools. Most recently, security researchers have...
Read more...
A recent report has revealed that an employee surveillance app has been leaking sensitive information about employees and companies in a public storage resource, which raises the question as to the extent to which employers should be allowed to access employees' private data.
WorkComposer is a surveillance app that...
Read more...
Everyone knows (or should know) that the safest way to handle browser extensions is to make sure you're getting them from a trusted, reliable source. That alone isn't enough to ensure you want fall prey to hackers, though. Proving otherwise, dozens of extensions on the Chrome Web Store have been found to pose a...
Read more...
Apple has released iOS 18.4.1 and iPadOS 18.4.1, which fixes two security flaws that impact the Return Pointer Authentication Code (RPAC) and CoreAudio. This update fixes some zero-day vulnerabilities that are already being actively exploited in the wild.
Registered on the CVE program as CVE-2025-31200, one...
Read more...
A recent report of a highly sophisticated phishing attack exploiting Google services targeting a lead developer at Ethereum Foundation, Nick Johnson, proves that internet users need to take more precautions to protect themselves from social engineering tactics like phishing.
The attack's sophistication lies in...
Read more...
Hertz Corporation has warned about an alarming data breach that might have exposed sensitive customer data to hackers. The rental car company has provided details of the breach, the measures it has taken, and what potentially affected individuals can do to safeguard their personal information, if needed.
In a...
Read more...
Google has unleashed a new security feature that will reboot your phone if it senses that it's been locked for three days. The enhancement appeared in the low-key release notes for Google Play Services v25.14 (2025-04-14). This "inactivity reboot" adds a layer of protection by encrypting files and data on a phone and...
Read more...
Another day means another Windows update, and this time it comes with a warning from Microsoft. You may have noticed a new folder in your root C:\ folder after applying the latest cumulative update for April 2025. Furthermore, you may have been tempted to delete it after discovering that it's an empty folder. Word to...
Read more...
End-to-end encryption on messaging apps can offer a degree of protection, that is, if you don't let down your guard. That's the essence of the NSA’s latest security warning to iPhone and Android users on the need to manage key settings that might expose them to attacks if not handled properly.
While the warning...
Read more...
Following the rollout of iOS 18.3 in January, Apple released iOS and iPadOS 18.4 updates, which contain 62 security fixes, including a fix for a critical flaw in iPhones, iPods, and iPads. Apple highly recommends users update their devices ASAP to be protected against these vulnerabilities.
Among the updates, Apple...
Read more...
The Clop ransom gang, notorious for masterminding sophisticated cyberattacks and exploiting zero-day vulnerabilities, is back in the news, and for the usual reason- - targeting the security systems of big companies and causing large-scale data breaches. The gang is claiming to have carried out an attack that breached...
Read more...
We've reported a number of sophisticated cyberattacks where threat actors circumvent 2FA restrictions. In response to the increased vulnerability of passwords, Microsoft has announced a major change in its authentication requirements that will affect over a billion users. This change will see a significant shift from...
Read more...
If you are a skilled cybersecurity expert, able to discover security threats and software vulnerabilities, you may soon be eligible for a $100,000 payday. OpenAI announced that it has expanded its maximum security bug bounty program to $100,000, to compensate researchers who discover extremely severe or unique...
Read more...
Modern AI is far from science-fiction AGI, and yet it can still be an incredibly powerful tool. Like any tool, if misused, it can pose a threat to legitimate users, like how we recently covered photographers' concerns that Google's Gemini Flash 2.0 could be used to easily remove watermarks from copyrighted...
Read more...
In today's high-tech world, some toll roads keep the traffic moving by using transponders and cameras, rather than requiring that every driver come to a full stop to shove money into a machine (or into the hands of a gatekeeper). Mistakes can happen, though, and the FBI issued a warning to hundreds of millions of...
Read more...
A few weeks ago, we reported a study alleging that CAPTCHA does not deter bots and that Google merely uses it to collect and sell data. This week, HP Wolf Security researchers have launched a new complaint against CAPTCHA in the latest edition of the HP Threat Insights Report. This time, however, the complaint has...
Read more...
Bitdefender reports that more than 60 million users have recently downloaded applications used in massive ad fraud campaigns from the Play Store. The fraud campaign, code-named "Vapor," allows attackers to lure users into downloading apps that make them vulnerable to cyberattacks.
The cat-and-mouse game between...
Read more...
You probably have experienced situations where you needed to convert files from one format to another. In these cases, free online file converters are a common solution. However, the FBI Denver Field Office has just taken to X (formerly Twitter) to warn users that threat actors now use these seemingly harmless online...
Read more...
This month's Microsoft Patch Tuesday is here and it's a big one. Last month fixed 63 vulnerabilities. This month's update, however, includes patches for another 57 security vulnerabilities, six of which are already being actively exploited by hackers, while cybersecurity experts describe another six as critical. These...
Read more...
If you own an Apple device, there's a good chance an important security update is available, one that addresses an "extremely sophisticated attack" zero-day security flaw that's being actively exploited in the wild. Your Apple Watch and AirPods are not affected, but practically every other device is, including several...
Read more...
Researchers have uncovered a proprietary undocumented command in Chinese manufacturer Espressif's ESP32 chips that could be exploited, to the potential detriment of millions of users.
The ESP32 chip allows connectivity through Wifi or Bluetooth and can be found in millions of the Internet of Things (IoT) devices...
Read more...
Microsoft has uncovered a large-scale malvertising campaign that has affected over 1 million devices worldwide. In a blog post detailing its findings, Microsoft revealed that threat actors used platforms such as Dropbox, Discord, and Github to broadcast malware. The attacks, which were aimed at stealing sensitive...
Read more...
