Security
Samsung phone is saving your passwords in plain text
You copy a password from your manager, thinking it's safe. Meanwhile, your phone is saving it in plain text. Samsung says, so far, there is no solution.
Read more about Samsung phone is saving your passwords in plain text
Critical security flaw affects Asus AiCloud routers, urgent update required
Hackers can craft a request, send it to the Asus router, and execute functions without authorization. Due to this critical vulnerability, bearing a score of 9.2 out of 10, the company is urging users to update the firmware of Asus routers running AiCloud.
Read more about Critical security flaw affects Asus AiCloud routers, urgent update required
“Vote for me” scam turns into chain reaction of stolen Facebook, X accounts
Is a friend asking you to vote for them on Facebook? It’s a scam that starts a chain reaction. Many people have already fallen victim.
Read more about “Vote for me” scam turns into chain reaction of stolen Facebook, X accounts
6M users at risk: 58 Chrome extensions discovered containing secret tracking code
Dozens of Chrome extensions, many of them featured on the Chrome Web Store but also hidden and not indexed by search engines, contain secret functionality to track users, a security researcher has discovered.
Read more about 6M users at risk: 58 Chrome extensions discovered containing secret tracking code
CISA recommends password reset after potential Oracle data breach
The Cybersecurity and Infrastructure Security Agency (CISA) is suggesting that organizations that have been affected by a potential data breach at Oracle’s Cloud Infrastructure reset passwords to minimize the risk associated with credential compromise.
Read more about CISA recommends password reset after potential Oracle data breach
Screw gov’t funding, we’re going nonprofit, CVE Board declares after database debacle
Citing global security for all, CVE board members have announced the creation of a new nonprofit CVE Foundation, aimed at taking the onus for funding the critical vulnerability database program out of government hands.
Read more about Screw gov’t funding, we’re going nonprofit, CVE Board declares after database debacle
Fake jobs, tolls, and deliveries text cost Americans half a billion
Text scams are raking in millions. And they're no longer just a minor annoyance – they’re looting Americans' accounts.
Read more about Fake jobs, tolls, and deliveries text cost Americans half a billion
Stop & Shop, Albert Heijn, Food Lion: Ransomware gang targets grocery heavyweights
Ahold Delhaize, the €87 billion ($99 billion) retail titan behind your local Stop & Shop and Albert Heijn, has been hit by a data breach. At least that’s what a ransomware gang is claiming on its dark web blog.
Read more about Stop & Shop, Albert Heijn, Food Lion: Ransomware gang targets grocery heavyweights
iPhone AI app leaked user-generated NSFW stories
Apple App Store’s Novel AI: Book Creator leaked its Firebase database, revealing that its users generated far spicier stuff than your average ghost story.
Read more about iPhone AI app leaked user-generated NSFW stories
A whopping 46% of US companies’ employees reuse passwords
Cybernews researchers analyzed the top 100 most trusted companies in America – including Nvidia, Costco, Apple, American Express, and others – and found that all of them had experienced data breaches, exposing critical cybersecurity weaknesses.
Read more about A whopping 46% of US companies’ employees reuse passwords
YouTuber’s pixelation fail: private video part unmasked in hours
One YouTuber laid out a challenge to his viewers: $50 to anyone who could de-pixelate a heavily obscured section of his video, intended to hide private folders. It was cracked in hours, demonstrating the vulnerability of blurring as a privacy measure.
Read more about YouTuber’s pixelation fail: private video part unmasked in hours
GoDaddy flop caused major Zoom outage
Zoom went down on Wednesday, and the company revealed it wasn’t to blame for the major outage.
Read more about GoDaddy flop caused major Zoom outage
Former CISA chief resigns from SentinelOne following White House pressure
Christopher Krebs, whom President Donald Trump fired as head of the Cybersecurity and Infrastructure Security Agency (CISA) in 2020, said on Wednesday he is leaving cybersecurity company SentinelOne following pressure from the White House.
Read more about Former CISA chief resigns from SentinelOne following White House pressure
Identity-based attacks most prevalent in cybersecurity incidents
Last year, cybercriminals leaned heavily on stealth and efficiency, favoring straightforward techniques over complex malware and zero-day exploits.
Read more about Identity-based attacks most prevalent in cybersecurity incidents
CVE database funding extended through 2026 – was the panic all for nothing?
Critical funding for the Common Vulnerabilities and Exposures database, set to expire on Wednesday, has been renewed in full, the US Cybersecurity and Infrastructure Security Agency (CISA) announced late Tuesday evening. So, was there a real threat to the MITRE-led program ending, or just government business as usual?
Read more about CVE database funding extended through 2026 – was the panic all for nothing?
Huge ransomware campaign targets AWS S3 storage: attackers have thousands of keys
A massive database of over 1,200 unique Amazon Web Services (AWS) access keys has been amassed and exploited in a ransomware campaign. Administrators of exposed AWS S3 buckets are finding their files encrypted except for a ransom note demanding payment in bitcoin.
Read more about Huge ransomware campaign targets AWS S3 storage: attackers have thousands of keys
Android devices to auto-restart if locked for 3 days: why does it matter?
Google is rolling out a new security feature that reboots Android devices if they remain locked for three consecutive days. This makes it much harder to access data from stolen but also seized devices.
Read more about Android devices to auto-restart if locked for 3 days: why does it matter?
Former MTV execs’ ghost platform still leaking personal data of numerous creatives
The Loop is dead, but your personal data isn’t. Over two million files packed with personal data are still sitting online, waiting to ruin someone's day.
Read more about Former MTV execs’ ghost platform still leaking personal data of numerous creatives
