microsoft
Stop What You’re Doing and Update Windows Right Now

The National Security Agency disclosed a major vulnerability in the latest version of Windows 10 and Windows Server 2016 to Microsoft, which released a fix for the issue on Tuesday, the MIT Technology Review reported. Read More >>

apple
Apple Plays Catch Up With Super-Lucrative Bug Bounties

Apple is opening its bug bounty program to all security researchers as well as expanding the systems they can be reported for. And, wow, Apple is willing to slide them a pretty significant amount of dosh for it, too. Read More >>

apple
Major iOS Exploit Could Pave the Way to a New Age of Jailbreaking

Thanks to a new bootrom exploit that affects multiple generations of iOS devices, the iPhone and iPad jailbreaking community may have just gotten a new lease on life. Read More >>

google
Google’s Project Zero Finds Six ‘Interactionless’ iOS Vulnerabilities Using iMessage App

Apple released bug fixes for five major security issues in iOS that can be exploited via its iMessage client app last week after they were discovered by researchers for competitor Google’s exploit-hunting Project Zero, though an additional issue was reported and not totally resolved in the iOS 2.4 update, according to the BBC. Read More >>

cybersecurity
Serious Security Flaw With Teleconferencing App Could Allow Websites to Hijack Mac Webcams

On Monday, security researcher Jonathan Leitschuh publicly disclosed a serious zero-day vulnerability in conferencing software Zoom – which apparently achieves its click-to-join feature, which allows users to go directly to a video meeting from a browser link, on Mac computers by installing a local web server running as a background process that “accepts requests regular browsers wouldn’t,” per the Verge. As a result, Zoom could be hijacked by any website to force a Mac user to join a call without their permission, and with webcams activated unless a specific setting was enabled. Read More >>

apple
Researcher Who Found macOS Keychain Exploit Shares Details With Apple, Despite No Bounty

After a Germany-based security researcher last month claimed to have identified a macOS security workaround to access passwords and user information stored in Keychain, he says he’s reversed his position on sharing that information with Apple, 9to5Mac reported Wednesday. Read More >>

google
Dual UPnP-Chromecast Exploit Allows Hacker to Hijack Devices, Force Any YouTube Video to Play

Hackers have discovered a bug that allows attackers to seize control of Google’s Chromecast media streaming player, making it possible to force the device into “playing any YouTube video they want – including videos that are custom-made,” TechCrunch reported on Wednesday. Read More >>

security
Everything You Need to Know About Cloudbleed, the Latest Internet Security Disaster

Have you heard? A tiny bug in Cloudfare’s code has led an unknown quantity of data—including passwords, personal information, messages, cookies, and more—to leak all over the internet. If you haven’t heard of the so-called Cloudbleed vulnerability, keep reading. This is a scary big deal. Read More >>

uncategorized
It’s Ridiculously Easy to Troll Google Maps With Fake Listings

Trust the listings you find on Google Maps? You shouldn't, because it's easy to fake them. That's what Google Maps exploiter Bryan Seely demonstrated for me. And while trolling politicians with dick jokes is never not funny, there's also a whole sub-community of scammers turning Google Map's little bugs into cold, hard cash. Read More >>

security
Luxury Smart Toilet Vulnerable to Back Door Attack

The Satis so-called "smart toilet" can be controlled by an Android app, with users of the £4,000 loo able to operate its lighting, flush and bidet controls from a phone. Problem is, the Bluetooth access PIN is set to "0000" by default, meaning random strangers could seize control of your toilet and exploit your very own back door for their amusement. Read More >>

security
Ch4nge Your P4ssw0rd: Ubisoft Servers Hacked, Login Details Nicked

Gaming giant Ubisoft is at the centre of a new gaming hack attack, with the game maker telling players that "user names, email addresses and encrypted passwords" have been pulled from one of its servers. Read More >>

twitter
Watch Out: Infected PCs Spreading Malware Through Hacked Tweets

Those clever hackers have come up with a new way to exploit Twitter, with a browser-based exploit launched from malware infected PCs, helping spread links of shame in the form of tweets that appear to be sent from the user's account. Read More >>

android
Crazy New Exploit Can Brick Samsung Phones or Steal All Their Data

Got a Samsung Galaxy SIII? Maybe a Galaxy Note? Well listen up because there's a new boogeyman on the loose. According to a thread at XDA Developers, there's an exploit out there that can let Android malware apps get at all your physical memory, for the purposes of stealing your data or deleting it or whathaveyou. Read More >>

gaming
Mass Murder in WoW as Hacker’s “Exploit” Wipes Out Thousands of Players

Amazing scenes of death and carnage were witnessed in the pretend World of Warcraft over the weekend, after an exploit of some kind was used to kill thousands of player characters. Read More >>

security
Java Patched, New Java Security Holes Discovered

Just days after Oracle took the unusual step of releasing an unscheduled patch to fix the huge security flaw found in the most recent update of its Java platform, more ways to exploit the code have been found within the widely used tool. Read More >>