Software packages with more than 2 billion weekly downloads hit in supply-chain attack
Incident hitting npm users is likely the biggest supply-chain attack ever...
All posts by Dan Goodin
Read More »
Dan Goodin
06:20
Former WhatsApp security boss in lawsuit likens Meta’s culture to a “cult”
Meta allegedly prioritized user growth over security, lawsuit said...
Dan Goodin
04:20
High-severity vulnerability in Passwordstate credential manager. Patch now.
Vulnerability can be exploited to gain access to customers' crown jewels...
Dan Goodin
13:21
High-severity WinRAR 0-day exploited for weeks by 2 groups
Exploits allow for persistent backdooring when targets open booby-trapped archive...
Dan Goodin
23:20
Adult sites use malicious .svg files to rack up likes on Facebook
Running JavaScript from inside an image? What could possibly go wrong...
Dan Goodin
01:20
Microsoft catches Russian hackers targeting foreign embassies
End goal is the installation of a malicious TLS root certificate for use in intel gathering...
Dan Goodin
12:20
Actively exploited vulnerability gives extraordinary control over server fleets
AMI MegaRAC used in servers from AMD, ARM, Fujitsu, Gigabyte, Supermicro, and Qualcomm...
Dan Goodin
04:20
Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic
Attacker rained down the equivalent of 9,300 full-length HD movies in just 45 seconds...
Dan Goodin
10:19
Address bar shows hp.com. Browser displays scammers’ malicious text anyway.
Microsoft, Apple, Bank of America, and many more sites all targeted...
Dan Goodin
23:20
Millions of low-cost Android devices turn home networks into crime platforms
BadBox malware has been menacing low-cost Android devices for nearly a decade...
