Ouvrir un lien ou un chemin d’accès n’est jamais sans risque, y compris dans des applications desktop classiques. Des chercheurs en sécurité de Positive Security ont détecté des failles dans une petite dizaine d’applications qui permettaient d'exécuter du code malveillant par l’intermédiaire d’un lien piégé. Ces applications sont : VLC, Telegram, LibreOffice, OpenOffice, Bitcoin Desktop Client, Nextcloud, Wireshark et Mumble.
Microsoft introduces Scareware Blocker tool with Edge browser version 133 in preview mode, seeking users' feedback.
WhatsApp alleged last week that Paragon Solutions spyware was used to target users of the messaging app in two dozen countries.
An authentication bypass flaw in the Really Simple Security WordPress plugin was fixed with the release 9.1.2, releasing forced patches.
Besides releasing the zero-day patches for its Intel-based Macs, Apple also released fixes for its iPhones, iPads, and Apple Vision.
Microsoft introduces support for third-party passkey services with the latest Windows 11 Insider Build, alongside other feature upgrades.
LastPass, the popular password management service, has issued an urgent warning to its users about an ongoing social engineering campaign targeting customers through fake reviews on the Chrome Web Store.
The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks.
The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels.
A recent update to CrowdStrike's Falcon Sensor for Windows has caused a critical issue, triggering a Blue Screen of Death (BSOD) boot loop on affected systems. This has disrupted thousands of PCs.
Cyber-security firm Crowdstrike said its update had caused the problem on computers running Windows.
The CryptoChameleon phishing kit is being leveraged by vishing attackers looking to trick LastPass users into sharing their master password.
Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident.
Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test.
China is targeting US infrastructure and laying the groundwork to wreak chaos, the FBI director warns.
Apple's Vision Pro headset isn't trackable using the Find My app. The only feature it supports is the Activation Lock, which prevents unauthorized people from erasing or resetting the device.
It’s important to have a password policy that blocks end users from creating weak passwords. But even strong passwords can be compromised.
Bosch patched the vulnerability, existing due to open port 8899, with latest thermostat firmware releases, urging users to update.
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.
Connect is an exclusive and private messaging and photo sharing app for your closest friends and family members. It's a simple and reliable replacement to Instagram and WhatsApp for the people you truly care about.
Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited.
