Apple quietly updates Macs to remove Zoom webcam exploit

It's not just Zoom scrambling to fix the exploit that allowed intruders to hijack Mac webcams. Apple has issued a silent, automatic update to macOS that removes the web server used to streamline access to the video conferencing app. The update isn'...

US Cyber Command warns of nation-state hackers exploiting Outlook

The recent surge in state-backed hacking campaigns isn't dying down any time soon. US Cyber Command has reported that unnamed state actors are making "active malicious use" of a 2017-era Outlook vulnerability (long since patched) to escape the email...

You should update Firefox right now to fix a critical bug

If you have Firefox on your computer, you should update it right now. Mozilla has released security updates Firefox 67.0.3 and Firefox ESR 60.7.1 to fix a critical bug, which it says hackers are actively exploiting to take control of vulnerable syste...

Indian streaming giant broke Safari support to deal with security hole

Websites tend to drop support for a particular browser due to obsolescence or just a lack of functionality, but India's biggest streaming service apparently had another reason: a piracy-friendly security hole. TechCrunch sources understand that Disne...

Mac security hole reportedly lets attackers bypass app safeguards

Apple may have another Gatekeeper security flaw on its hands. Researcher Filippo Cavallarin has detailed a macOS vulnerability that he said would let attackers install malware without the usual permission request. As Gatekeeper considers network sh...

Install updates now to address a vulnerability in most Intel CPUs

In January 2018, a pair of security exploits dubbed Spectre and Meltdown showed how attackers could take advantage of commonly-implemented CPU technology to access data they shouldn't have been able to. They were followed by a similar bug, Foreshadow...

Old versions of Windows get a new patch to stop WannaCry-style attacks

Microsoft is trying to head off another WannaCry-style malware outbreak before it starts. The software giant has released fixes for a Remote Desktop Services (aka Terminal Services) vulnerability that could allow "wormable" malware that spreads from...

WhatsApp call exploit let attackers slip spyware on to phones

WhatsApp appears to have been the inadvertent conduit for a surveillance campaign. Both WhatsApp and Israeli software developer NSO Group have confirmed that an exploit in WhatsApp's voice calling allowed attackers to load NSO's Pegasus spyware on t...