Zeljka Zorz
New Mac malware steals cookies, cryptocurrency and computing power
A new piece of Mac malware is looking to steal both the targets’ computing power and their cryptocurrency stash, Palo Alto Networks researchers warn. About the …
Google also abused its Apple developer certificate to collect iOS user data
It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of …
Microsoft rolls out new tools for enterprise security and compliance teams
Microsoft has announced a number of new capabilities and improvements for tools used by enterprise administrators. New Microsoft 365 security and compliance centers The new …
Facebook to shut down iOS app that allowed for near total data access
When Apple banned its Onavo VPN app from its App Store last summer, Facebook took repackaged the app, named it “Facebook Research” and offered it for download through three …
Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65
Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy …
Critical FaceTime bug turns iPhones, Macs into eavesdropping tools
A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently …
Emotet: A veritable Swiss Army knife of malicious capabilities
Formerly just a banking Trojan, Emotet is now one of the most dangerous and multifaceted malware out there. According to Malwarebytes, it and Trickbot are part of the reason …
Facebook plans to integrate WhatsApp, Messenger and Instagram
The New York Times offers the option but is not on by default, and Instagram offers none. “This move could be potentially be good or bad for security/privacy. But given …
Vulnerable cloud infrastructure experiencing increasing attacks
Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks …
PHP PEAR supply chain attack: Backdoor added to installer
Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) webserver, but much is still unknown. …
Cisco fixes security holes in SD-WAN, Webex, Small Business routers
Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical …
Apple delivers security patches, plugs an RCE achievable via FaceTime
Apple has released a new set of updates for its various products, plugging a wide variety of vulnerabilities. WatchOS, tvOS, Safari and iCloud Let’s start with …
Featured news
Resources
Don't miss
- RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
- Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
- What a future without CVEs means for cyber defense
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks