The Connectivity Standards Alliance (CSA), creators of the Matter, Zigbee, and Aliro standards for IoT devices, released their new Matter 1.6 and Product Security 1.1 specifications for securing smart homes.
Novo Nordisk, the Knicks, Peter Thiel, and many more are among this week's numerous big names who were breached.
Researchers at Paradigm Shift discovered a new unwatchable vulnerability, dubbed "usbliter8," in Apple's A12, S4/S5, and A13 chips.
A surge of AI-generated patches in the Linux kernel has resulted in the removal of support for older protocols, the latest of which being AppleTalk.
Android 17 has now officially launched, bringing with it a slew of new privacy and security upgrades like the new Contact Picker and post-quantum app signing.
WhatsApp claims they detected and stopped an NSO spyware campaign against its users.
Researchers at Sonatype uncovered a massive supply chain attack against the Arch User Repository (AUR) to harvest credentials and exfiltrate user data by hijacking around 1,500 packages.
This was a busy week with breaches from several universities, the French government, Flock, and more.
Microsoft has patched some vulnerabilities from anonymous security researcher going by the pseudonym Nightmare Eclipse, who published yet another vulnerability the same day.
According to TechCrunch, CISA is giving US federal agencies until the end of Wednesday to fix an actively exploited VPN vulnerability in the deprecated IKEv1 key exchange protocol.
Ethical hacker Rasmus Moorats in a blog post revealed an exploit in Sound Blaster Katana V2X speakers, dubbed "Pwnd Blaster," that would allow an attacker to remotely take over your PC.
Brave has officially released Brave Origin, a minimal version of the regular Brave browser without a lot of the optional features such as Rewards, Leo AI, and Brave's VPN, for a one-time fee.
This week saw data breaches impacting GTA Online cheaters, a health wearable, a UN food assistance program for Palestinians, and an update to the neverending 23andMe saga.
An exploit described as “remarkably simple” allows anyone to add a new email address to any Instagram account using Meta’s AI chat bot, allowing full account takeover.
A complex travel booking breach, multiple government breaches around the world, some updates, and much more. This was a busy week for cybercriminals.
Google Family Link, Google's child safety feature, can be leveraged by an attacker to lock you out of your Google account and surveil and control your activity
Security researcher Harry Sintonen disclosed that the macOS desktop Signal app doesn't actually delete messages when they're deleted in the UI of the app.
After the town of Bandera, Texas voted 3-2 to end its contract with the dystopian surveillance company Flock, a pro-Flock councilmember proposed a ban of phones, cameras, the internet, and nearly all technology.
Apple has published the source code for their corecrypto libraries on GitHub, along with the tools and formal verification libraries they used to evaluate their cryptography, so independent cryptography experts can verify it for themselves.
The US DOJ is demanding the data of all users, equating to over 100,000 people, of the EZ Lynk app over alleged violations of the Clean Air Act, which the company denies.
Brian Krebs found a public GitHub repository with sensitive internal CISA credentials "including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets."