Dan Goodin, Ars Technica
Dan Goodin is IT Security Editor at Ars Technica
A Bug in iOS 15 Is Leaking User Browsing Activity in Real Time
Apple has known about the vulnerability, which also affects iPadOS 15 and Safari 15, since late November.
Microsoft Seizes Domains Used by a Chinese Hacking Group
The move delivers a blow to the hackers behind sophisticated attacks on government agencies, think tanks, and other organizations.
A Software Bug Let Hackers Drain $31M From a Crypto Service
An attacker exploited a vulnerability in MonoX Finance's smart contract to inflate the price of its digital token and then cash out.
A Bunch of Malicious Google Play Apps Stole User Banking Info
Using tricks to sidestep the app store’s restrictions, malware operators pillaged passwords, keystrokes, and other data.
Iranian Hackers Are Going After US Critical Infrastructure
A hacking group is targeting a broad range of organizations, taking advantage of vulnerabilities that have been patched but not yet updated.
Another Intel Chip Flaw Puts a Slew of Gadgets at Risk
The vulnerability allows an attacker with physical access to the CPU to bypass the security measures protecting some of its most sensitive data.
The SolarWinds Hackers Used an iOS Flaw to Compromise iPhones
Security researchers say the group exploited a zero-day in Apple’s operating system to target European government officials over LinkedIn.
Microsoft Keeps Failing to Patch a Critical Windows Bug
For the second time in a month, the company issued an update that doesn't fully address a severe security vulnerability in Windows.
Echo Dots Store a Wealth of Data—Even After You Reset Them
Thinking about selling your smart speaker? Be aware that you can't completely delete personal content from the device.
SolarWinds Hackers Continue Assault With New Microsoft Breach
The company says the Nobelium hacking group compromised a support agent's computer and levied brute-force attacks against some of its customers.
A Mystery Malware Stole 26 Million Passwords From Windows PCs
The credentials were part of a trove containing 1.2 terabytes of sensitive data extracted between 2018 and 2020.
Apple’s M1 Chip Has a Fascinating Flaw
The covert channel bug is harmless, but it demonstrates that even new CPUs have mistakes in them.
A Never-Before-Seen Wiper Malware Is Hitting Israeli Targets
The malicious code, which masquerades as ransomware, appears to come from a hacking group with ties to Iran.
Apple Execs Chose to Keep a Hack of 128 Million iPhones Quiet
Emails from the Epic Games lawsuit show Apple brass discussing how to handle a 2015 iOS hack. The company never directly notified affected users.
AirDrop Is Leaking Email Addresses and Phone Numbers
Apple has known about the flaw since 2019 but has yet to acknowledge or fix it.
.jpg)
A New Facebook Bug Exposes Millions of Email Addresses
A recently discovered vulnerability discloses user email addresses even when they’re set to private.
Russia May Have Found a New Way to Censor the Internet
In an attempt to silence Twitter, the Kremlin appears to have developed novel techniques to restrict online content.
Watch Out—That Call of Duty: Warzone Cheat Might Be Malware
Players looking for a leg up are being duped into giving criminals a backdoor into their devices.
Gab's CTO Introduced a Critical Vulnerability to the Site
A review of the open source code shows an account under the executive's name made a mistake that could lead to the kind of breach reported this weekend.
A Barcode Scanner App With Millions of Downloads Goes Rogue
After an update in December, the app began infecting Android devices, bombarding users with ads on their default browser.