The first unpatchable iPhone exploit in six years targets chips still running Apple's latest iOS
A new unpatchable exploit affects the iPhone 11 and other older Apple devices
Frontier Airlines is leaking your passport and credit card details from a boarding pass
A hot potato: A security researcher has discovered serious vulnerabilities in Frontier Airlines' booking system. Using just two pieces of information printed on every boarding pass – a booking code and a last name – anyone can pull full passport numbers, home addresses, TSA PreCheck codes, and nearly complete credit card details from the airline's API. The vulnerabilities have been known for over three months.
Cybercriminals have been distributing malware via Steam for a year, tens of thousands affected
Steam's Wallpaper Engine was weaponized to steal user credentials and hijack active sessions
Chrome update fixes 33 security flaws, including seven critical bugs
Google Chrome remains the default browser for billions of users. Latest release 149.0.7827.156 is largely a security update, but a significant one, fixing 33 vulnerabilities including seven rated critical and numerous high-severity flaws tied to memory corruption, WebRTC, extensions, passwords, and authentication systems.
AMD quietly disabled RAM encryption on some Ryzen CPUs and users want to know why
AMD's latest firmware update sparks a security feature controversy
The FBI built a fake town in Alabama to study and simulate real-world cyberattacks
More than 200 servers power simulations to stress-test America's digital infrastructure
Justice Department seizes websites that published deepfake nudes of famous women
The sites allegedly targeted celebrities, politicians, journalists, athletes, and other public figures
Windows Server is getting new network safety capabilities with DNS over HTTPS
The feature has been available on client Windows editions for quite some time
AMD changes rules, denies researcher $10,000 bounty after taking 124 days to patch security flaw
The researcher says AMD dismissed his report, later asked him to stay quiet
Microsoft's June Patch Tuesday fixes a record 200 vulnerabilities, including five being actively exploited
Five zero-days, 55 remote code execution bugs, and a disputed BitLocker backdoor fix
The end of uBlock Origin in Chrome is now weeks away, not months
Ad-Verse: Google announced the transition from Manifest V2 browser add-ons a few years ago, but kept a few well-known "secrets" available to support legacy extensions. Now, Chromium developers have explained that MV2-based extensions are completely going away in just a few weeks.
This soundbar can be hijacked over Bluetooth to control your computer, no pairing required
A flaw in the Sound Blaster Katana V2X lets nearby attackers flash custom firmware and type on your computer
Signal attacks UK plan to scan devices for nude images as "mass surveillance"
The UK says tech firms could face fines if they fail to adopt stronger protections for children
PSA: Scammers are getting their fake shopping sites into ChatGPT's results
Convincing copycats use near-identical domain names and layouts while dangling discounts of up to 80%
Sam Altman's other startup is laying off workers
Adoption, privacy concerns, and revenue questions hang over World's iris-scanning platform
Signal, DuckDuckGo, and NordVPN threaten to exit Canada if metadata surveillance law passes
Canada's metadata retention bill is the latest government attempt to build surveillance into the internet's infrastructure
Anthropic is blacklisted by the Pentagon and being used by the NSA at the same time
NSA reportedly using Anthropic's Claude Mythos for offensive cyber operations despite Pentagon supply chain blacklist
TeamGroup built an external SSD that destroys itself when you send it a text message
This external SSD can wipe itself remotely over 4G – no Wi-Fi required
What is the most commonly used password?
It takes less than a second to crack the world's most popular password. Do you know what it is?
Android can now detect when scammers are faking calls from your contacts
Google's answer to AI voice cloning is a silent RCS handshake you'll never see
GTA V cheating platform Atlas Menu hacked, exposing emails and encrypted passwords
A revenge hack on a GTA cheating service reveals the platform had spyware built in
Proton Mail now lets you send email from your Gmail address
New feature lets you transition away from Gmail gradually, so you never have to open Google's app again
Hackers tricked Meta's AI chatbot into handing over Instagram accounts, including Obama's
All that was needed was a VPN and a target's username, the chatbot did the rest
Dashlane users locked out after brute-force attacks target password manager accounts
Security controls suspended accounts after repeated failed attempts to register new devices
Craigslist founder and Sesame Street's Count von Count team up to fight online scams
Count von Count is helping teach adults one simple habit for spotting suspicious messages, Ah-Ah-Ah!