Zeljka Zorz
8 months of GDPR: 59,000+ reported breaches, 91 fines
A little over eight months have passed since the EU General Data Protection Regulation (GDPR) became enforceable, but it’s becoming clear that sweeping data breaches …
Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
Google’s new Chrome extension flags insecure passwords
As the number of compromised and leaked credentials rises inexorably with each passing day, Google has decided to help users choose safe combinations for all their online …
70 real-life hackers and cybersecurity practitioners share their personal insights
Entering the information security industry can be a formidable undertaking and renowned professionals often seem larger than life and unapproachable (even though most are on …
Most Magento shops get compromised via vulnerable extensions
Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The …
Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users
5G cellular mobile communications, when implemented, are expected to provide high bandwidth, low latency, energy savings, better connectivity, but security and privacy must …
New Mac malware steals cookies, cryptocurrency and computing power
A new piece of Mac malware is looking to steal both the targets’ computing power and their cryptocurrency stash, Palo Alto Networks researchers warn. About the …
Google also abused its Apple developer certificate to collect iOS user data
It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of …
Microsoft rolls out new tools for enterprise security and compliance teams
Microsoft has announced a number of new capabilities and improvements for tools used by enterprise administrators. New Microsoft 365 security and compliance centers The new …
Facebook to shut down iOS app that allowed for near total data access
When Apple banned its Onavo VPN app from its App Store last summer, Facebook took repackaged the app, named it “Facebook Research” and offered it for download through three …
Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65
Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy …
Featured news
Resources
Don't miss
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
- Acrobat Reader zero-day exploited in the wild for many months
- AI agent intent is a starting point, not a security strategy
- Asqav: Open-source SDK for AI agent governance
- BlueHammer: Windows zero-day exploit leaked