Security This Week

Signal says no to Windows 11's Recall screenshots

Chinese ‘kill switches' found hidden in US solar farms

You can now submit your claims for Apple's $95 million Siri spying settlement

Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks

Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices

Funding Expires for Key Cyber Vulnerability Database

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Protect Yourself from Identity Theft and Fraud

National Security Officials Were Warned in February That Signal Was Vulnerable to Attack

Millions Of RSA Keys Expose Serious Flaws That Can Be Exploited

Undocumented commands found in Bluetooth chip used by a billion devices

Malicious Chrome extensions can spoof password managers in new attack

Microsoft deploys new state of matter in its first quantum computing chip

DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone

UK orders Apple to open up users' encrypted cloud data, report says

DeepSeek exposed internal database containing chat histories and sensitive data

Millions of Accounts Vulnerable due to Google's OAuth Flaw

Hackers have devised a simple text scam to bypass Apple's iPhone protections

Volkswagen leak exposed location data for 800,000 electric cars

Urgent New Gmail Security Warning For Billions As Attacks Continue

The numbers are almost incomprehensible!

Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States

FBI Warns iPhone And Android Users—Stop Sending Texts

Fortinet VPN design flaw hides successful brute-force attacks

Ruthless sextortion scammers now threatening to show up at your house

Schneider Electric ransomware crew demands $125k paid in baguettes

Hacked U.S. robot vacuums are yelling racial slurs and chasing pets!

https://thehackernews.com/2024/10/microsoft-reveals-macos-vulnerability.html

Hacking with a BBQ Lighter: The Unlikely Method to Gain Laptop Access

Lamborghini Carjackers Lured by $243M Cyberheist

Large language models hallucinating non-existent developer packages could fuel supply chain attacks

Severe Unauthenticated RCE Flaw (CVSS 9.9) in GNU/Linux Systems Awaiting Full Disclosure

New Details of Hezbollah Exploding Pagers' Supply Chain Emerge

New PIXHELL acoustic attack leaks secrets from LCD screen noise

Researchers find SQL injection to bypass airport TSA security checks

Windows Downdate tool lets you 'unpatch' Windows systems

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Ronin Network hacked, $12 million returned by "white hat" hackers

Deleted GitHub data is forever accessible to anyone, researchers claim

We have a lot to say about last week's CrowdStrike incident

US Disrupts AI-Powered Russian Bot Farm on X

Dev rejects CVE severity, makes his GitHub repo read-only

Mitigating Skeleton Key is a new type of generative AI jailbreak technique

Microsoft Delays AI-Powered Recall Feature for Copilot+ PCs Amid Security Concerns

Microsoft Ignored Whistleblower Warnings Before SolarWinds Attack