Microsoft Outlook users should update the client ASAP
Hackers can exploit Office vulnerability for remote access, fixed in latest update
Vulnerability articles
These Linksys routers are likely transmitting cleartext passwords
Owners should change their SSID and password without using the Linksys app
New Intel CPU vulnerability discovered, no new mitigations planned for "Indirector"
Exploit is similar to Spectre but targets a different Intel security system
Microsoft releases patch to fix critical Wi-Fi flaw in Windows, Windows Server
The Wi-Fi vulnerability is dangerous for anyone who works on their computer in a public space
Microsoft's latest security update fixes a nasty remote code execution bug in Windows Wi-Fi driver
June's Patch Tuesday is mandatory for users travelling with their Windows PCs
Cracking the code: How researchers recovered millions from a decade-old, password-protected crypto wallet
A lost password proved to be a blessing in disguise
Finding the flaw: A cryptocurrency holder reached out to renowned hacker Joe Grand about two years ago for help in regaining access to an encrypted digital wallet on his computer reportedly containing about $2 million worth of Bitcoin. Grand turned down the offer. You see, Grand specializes in hardware skills and Michael stored his crypto in a software based wallet.
Security flaw in this TP-Link Archer router receives 10 out of 10 severity rating
Update TP-Link's Archer C5400X router now to fix remote takeover vulnerability
College students find exploit to run laundromat machines for free or add money to an account without paying
UC San Cruz students are NOT using this hack en masse... No really
Google issues yet another Chrome update to fix a high-severity, zero-day vulnerability
The world's leading web browser is also popular among cybercriminals
Negating all VPNs may have been possible since 2002
All operating systems except Android are vulnerable, and the only foolproof mitigation is Linux-only
WordPress plugin vulnerability poses severe security risk, allows for site takeovers
Millions of exploitation attempts were detected in under a month
Nearly all Chinese keyboard apps have encryption flaws, exposing millions of users to keylogging
iOS and Huawei apps found to be safe, but others could allow passive snooping
GPT-4 can exploit zero-day security vulnerabilities all by itself, a new study finds
A hot potato: GPT-4 stands as the newest multimodal large language model (LLM) crafted by OpenAI. This foundational model, currently accessible to customers as part of the paid ChatGPT Plus line, exhibits notable prowess in identifying security vulnerabilities without requiring external human assistance.
LG TV owners should update their firmware, webOS vulnerability found in a few models
Security bug could grant root access on TVs running webOS versions 4 through 7
New HTTP/2 vulnerability leaves servers in danger of devastating DoS attacks, even from a single TCP connection
Affected server administrators are urged to take immediate action
Unpatchable Apple Silicon vulnerability could leak encryption keys
In brief: Hardware-based security flaws have become more frequent over the last several years but have mostly affected Intel and AMD processors. Now, Apple joins those ranks with a recently discovered vulnerability that causes Mac M-series CPUs to expose encryption keys. Since it is hardware-based, there is little users can do besides keeping macOS updated.
Ethical hackers show how to open millions of hotel keycard locks
Any NFC-enabled Android phone could forge a master key for every room in a hotel
In a nutshell: Over three million hotel room locks in 13,000 buildings in 131 countries are vulnerable to an exploit that lets attackers forge master keys for any door. Although the manufacturer of the affected locks is rolling out a fix, it's unclear when or if every impacted hotel will upgrade its systems.
Some QNAP NAS devices affected by a critical vulnerability, updates available right now
The company is once again scrambling to improve security of its network OSes
Google awarded $10 million in bug bounties last year, the second highest in the program's history
The largest single payout was $113,337
VMware forced to patch dangerous vulnerabilities in discontinued products
Flaws so severe, the company felt the need to update the now-abandoned ESXi hypervisor
AMD Ryzen CPUs are impacted by all of these serious vulnerabilities
A hot potato: All users with AMD Ryzen processors from the last few years should check and update their motherboard firmware ASAP, especially if they haven't done so since before 2023. AMD has published a detailed chart describing four severe security issues affecting server, desktop, workstation, HEDT, mobile, and embedded Zen CPUs. Recent BIOS updates have addressed most, but not all of the flaws.
Your favorite password manager could be exposing your credentials
AutoSpill is a security nightmare that affects even up-to-date Android devices
Use Rust or C#, abandon C++: Five Eyes agencies warn about memory safety in programming languages
Software developers need to step up their secure-by-design game, and fast
Google fixes critical Android flaw that could be exploited to hack your phone remotely
A total of 85 security vulnerabilities were patched in the December 2023 Android security bulletin
PSA: You should update your iPhone, iPad, or Mac now
Actively exploited WebKit zero days addressed for most Apple devices