Security Electronics Wyze knew about camera vulnerabilities that let strangers watch your feeds and recordings The issues were present for years By Rob Thubron, March 31, 2022, 5:14 AM
Google Software You should update Google Chrome now A Type Confusion vulnerability was discovered By Daniel Sims, March 28, 2022, 2:34 PM 17 comments
Security Microsoft Third party security group patches a Windows vulnerability Microsoft couldn't, yet again Recent official patch undid previous unofficial protection By Daniel Sims, March 22, 2022, 5:19 PM 20 comments
Hardware Security Researchers discover critical vulnerabilities in APC Smart-UPS devices The vulnerabilities can result in remote manipulation and potential damage to other controlled assets By Jimmy Pezzone, March 13, 2022, 8:47 AM 10 comments
Security Hardware Intel and Arm CPUs have a major security flaw Speculative Execution Vulnerability is a gift that keeps on giving By Sayak Biswas, March 9, 2022, 7:37 AM 14 comments
Security The Web Mozilla patches two actively exploited zero-day vulnerabilities in Firefox Mozilla squashes bugs with latest Firefox patch By Shawn Knight, March 7, 2022, 3:11 PM
Gaming Security Dark Souls PvP servers to remain offline until after Elden Ring launches Bandai Namco also investigating vulnerabilities in Elden Ring By Daniel Sims, February 9, 2022, 2:42 PM
Security Hardware Intel issues advisory for 16 new firmware vulnerabilities Firmware patches are on the way By Adrian Potoroaca, February 9, 2022, 1:44 PM 14 comments
Security New UEFI firmware vulnerabilities affect several PC vendors Supply chain infrastructure and enterprise systems are at risk By Adrian Potoroaca, February 2, 2022, 12:58 PM 10 comments
Software Security McAfee issues security bulletin, patches bugs that can lead to system level privileges Users running McAfee Agent versions prior to 5.7.5 are vulnerable to the discovered exploits By Jimmy Pezzone, January 22, 2022, 10:01 AM
Security Apple An unpatched Safari bug can leak browsing history and other identifying data Apple is aware of the problem and is working on a fix By Cal Jeffrey, January 18, 2022, 7:07 PM
Security The Web WordPress plugin vulnerabilities more than doubled in 2021 Three out of four WordPress plugin vulnerabilities have known public exploits By Shawn Knight, January 13, 2022, 12:19 PM
Car Tech Security Teen hacker gains remote control of over 20 Teslas Full control over car doors, security system, and more By Daniel Sims, January 12, 2022, 7:14 PM 35 comments
Security Apple Microsoft security researchers found a macOS exploit that can alter TCC permissions Apple patched it last month By Cal Jeffrey, January 11, 2022, 7:09 PM
Security Software New Log4j attack vector can affect local hosts with no internet access Researchers find internet access may not be required to exploit vulnerability By Jimmy Pezzone, December 19, 2021, 7:23 AM
Security The Web Log4J patch to fix serious zero-day has its own vulnerability that is already actively exploited Apache has patched the patch---install it ASAP By Cal Jeffrey, December 16, 2021, 1:48 PM
Security Log4J flaw turns into pandemic with over 840,000 attacks initiated within 72 hours Attacks reached over 100 per minute over the weekend By Cal Jeffrey, December 14, 2021, 6:05 PM
Security The Web Many Java-based applications and servers vulnerable to new Log4Shell exploit The exploit stems from a widely used Apache logging utility and potentially impacts any Apache Struts users By Jimmy Pezzone, December 11, 2021, 1:52 PM
Security Software New zero-day vulnerability in Windows Installer affects all versions of Microsoft's OS Microsoft already launched an update to address the vulnerability, but it wasn't enough to solve the issue By Joao Silva, November 24, 2021, 12:04 PM 7 comments
Software Apple Hong Kong cyberattack reveals that Apple favors latest OS versions for security updates The attack used a vulnerability that had already been patched in Big Sur By Daniel Sims, November 12, 2021, 5:44 PM 11 comments
Security Software Trojan Source flaw allows hackers to embed malware directly into source code They can also hide invisible vulnerabilities in open source software libraries By Adrian Potoroaca, November 2, 2021, 2:13 PM
Software Security Remote code execution vulnerability found in older versions of WinRAR, update it now Vulnerability discovered in version 5.7, the exploit was patched out in a July update By Daniel Sims, October 29, 2021, 5:04 PM 15 comments
Apple Security Apple rushes out iOS 15.0.2 just hours after 15.0.1 to patch actively exploited zero-day bug Another major security flaw that can allow hackers to take over a device By Cal Jeffrey, October 13, 2021, 4:19 PM 8 comments
Security Apple A new Apple Pay flaw allows hackers to steal money from your locked iPhone The attackers can bypass the iOS lockscreen to make large, unauthorized payments By Adrian Potoroaca, September 30, 2021, 12:31 PM 12 comments
Apple Security Apple AirTags are vulnerable to stored XSS injection attacks Apple is aware of the zero-day flaw and is working on a fix By Cal Jeffrey, September 29, 2021, 1:04 PM