How Facebook and Google nudge users to make anti-privacy choices
Facebook, Google and Microsoft use design techniques and tricks to steer users toward sharing more information about themselves to benefit those businesses, the Norwegian …
Google lays groundwork for secure offline app distribution
Google will start adding security metadata to Android application packages (APKs) distributed via Google Play, so that users with limited internet access can check whether the …
3,000+ mobile apps leaking data from unsecured Firebase databases
Appthority published research on its discovery of a new HospitalGown threat variant that occurs when app developers fail to require authentication to Google Firebase …
Google removes inline installation option for Chrome extensions
Google is shutting down an often used vector for delivering malicious Chrome extensions to users by removing the inline installation option. What will happen? The announcement …
New Spectre-like flaw found in CPUs using speculative execution
A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by …
Chrome to dynamically point out “Not secure” HTTP sites
Google expects HTTPS to become the default, and is preparing users for it by slowly moving Chrome towards showing only negative security indicators. Google’s own numbers …
Google will force Android OEMs to push out security patches regularly
Android P, the ninth major version of the widely-used mobile OS, is expected to be released later this year. Google has already announced a slew of security and privacy …
Amazon to kill off censorship-foiling domain fronting option
Secure messaging services and other privacy-oriented tools that rely on domain fronting to foil censorship efforts by various countries have been dealt a severe blow in the …
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
Google to purge cryptomining extensions from Chrome Web Store
In a bid to prevent Chrome users’ computers being covertly used for cryptocurrency mining, Google will try to purge the Chrome Web Store of extensions that hijack …
March Patch Tuesday forecast: In like a lamb, out like a lion
It’s March and up here in the Midwest we have a saying for this early spring month, “In like a lamb, out like a lion.” Often the month of March comes with a …
Android P: Expected security and privacy improvements
Google has released a developer preview of the next version of Android, currently called “Android P.” Functional changes are many, but here’s an overview of …
Featured news
Resources
Don't miss
- ClickFix campaign delivers Mac malware via fake Apple page
- Poisoned “Office 365” search results lead to stolen paychecks
- What vibe hunting gets right about AI threat hunting, and where it breaks down
- Health insurance lead sites sell personal data within seconds of form submission
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)