Device owners have yet to install patches for 3 high-severity vulnerabilities.
Malicious NPM packages are part of a malware “barrage” hitting repositories
People trust repositories, which makes them the perfect vectors for malware.
Tor is under threat from Russian censorship and Sybil attacks
Tor Project leaders disconnect rogue nodes and call on volunteers to bypass censorship.
SolarWinds hackers have a whole bag of new tricks for mass compromise attacks
The Kremlin-backed hacking outfit’s toolbox seems to grow by the month.
iPhones of US diplomats hacked using “0-click” exploits from embattled NSO
NSO’s stealthy Pegasus malware gives full remote access to infected devices.
Really stupid “smart contract” bug let hackers steal $31 million in digital coin
Company says it has contacted the hacker in an attempt to recover the funds. Good luck.
Thousands of AT&T customers in the US infected by new data-stealing malware
Malware exploits 2017 vulnerability in a widely used network edge device.
Users revolt as Microsoft bolts a short-term financing app onto Edge
“This all feels extremely unnecessary for a browsing experience,” one user says.
Google Play apps downloaded 300,000 times stole bank credentials
Crooks find new ways to prevent Google from detecting malicious packages.
A grim milestone: I maxed out the number of spammy addresses Gmail can block
You may not have noticed, but Google limits the number of blocked addresses you can have.