McDonald warns common passwords like ‘bigmac’ and ‘happymeal’ remain highly vulnerable, urging stronger, randomized credentials for all users.
Suspected Chinese state-backed hackers hijacked the Notepad++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows.
Someone kept a gigantic database unlocked on the internet, allowing researchers (and likely, hackers, too) to find it.

OpenClaw, the AI agent that has exploded in popularity over the past week, is raising new security concerns after researchers uncovered malware in hundreds of user-submitted “skill” add-ons on its marketplace. In a post on Monday, 1Password product VP Jason Meller says OpenClaw’s skill hub has become “an attack surface,” with the most-downloaded add-on serving […]
A popular WordPress quiz plugin can be abused to mount SQL injection attacks, but a patch is available.
The prolific cybercrime group ShinyHunters took responsibility for hacking Harvard and the University of Pennsylvania, and published the stolen data on its extortion website.

Microsoft has a new head of security. Hayete Gallot, who left Microsoft in October 2024 to become the president of Google Cloud’s customer experience, is returning to the software giant as the executive vice president of security, reporting directly to CEO Satya Nadella. The move means Charlie Bell, formerly Microsoft’s security chief, is taking on […]
Hackers are increasingly targeting macOS users with social engineering and infostealers, Microsoft warns.
Many users have run out of disk space entirely, and a patch is nowhere in sight.
Info on roughly 30 people was exposed in a new insider incident at Coinbase.