DOGE software engineer’s computer infected by info-stealing malware
The presence of credentials in leaked "stealer logs" indicates his device was infected.
Dan Goodin
WhatsApp provides no cryptographic management for group messages
The weakness creates the possibility of an insider or hacker adding rogue members.
Jury orders NSO to pay $167 million for hacking WhatsApp users
The verdict is a major victory for opponents of exploit sellers.
Man pleads guilty to using malicious AI software to hack Disney employee
Fake image-generating app allowed man to download 1.1TB of Disney-owned data.
Hundreds of e-commerce sites hacked in supply-chain attack
Attack that started in April and remains ongoing runs malicious code on visitors' devices.
Microsoft’s new “passwordless by default” is great but comes at a cost
The move is part of an industry-wide push for users to adopt passkeys.
Phishing attacks that defeat MFA are easier than ever. So what are we to do?
Why multifactor authentication based on one-time-passwords and push notifications fail.
Why MFA is getting easer to bypass and what to do about it
Why multifactor authentication based on one-time-passwords and push notifications fails.
Why MFA is getting easier to bypass and what to do about it
Why multifactor authentication based on one-time passwords and push notifications fails.
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Researchers say the behavior amounts to a persistent backdoor.