High-severity WinRAR 0-day exploited for weeks by 2 groups
Exploits allow for persistent backdooring when targets open booby-trapped archive...
All posts by Dan Goodin
Read More »
Dan Goodin
23:20
Adult sites use malicious .svg files to rack up likes on Facebook
Running JavaScript from inside an image? What could possibly go wrong...
Dan Goodin
01:20
Microsoft catches Russian hackers targeting foreign embassies
End goal is the installation of a malicious TLS root certificate for use in intel gathering...
Dan Goodin
12:20
Actively exploited vulnerability gives extraordinary control over server fleets
AMI MegaRAC used in servers from AMD, ARM, Fujitsu, Gigabyte, Supermicro, and Qualcomm...
Dan Goodin
04:20
Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic
Attacker rained down the equivalent of 9,300 full-length HD movies in just 45 seconds...
Dan Goodin
10:19
Address bar shows hp.com. Browser displays scammers’ malicious text anyway.
Microsoft, Apple, Bank of America, and many more sites all targeted...
Dan Goodin
23:20
Millions of low-cost Android devices turn home networks into crime platforms
BadBox malware has been menacing low-cost Android devices for nearly a decade...
Dan Goodin
13:21
FBI warns of ongoing scam that uses deepfake audio to impersonate government officials
Warning comes as the use of deepfakes in the wild are rising...
Dan Goodin
03:20
Copilot exposes private GitHub pages, some removed by Microsoft
Repositories once set to public and later to private, still accessible through Copilot...
Dan Goodin
03:20
How North Korea pulled off a $1.5 billion crypto heist—the biggest in history
Attack on Bybit didn't hack infrastructure or exploit smart contract code. So how did it work...
