Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft ...

How a USB-connected speaker can infect a PC without ever being touched

CTP allows devices connected via Bluetooth or USB to send commands to the speaker, such as changing LED colors and equalizer ...

North Koreans behind nearly half of US tech industry hacks, says CrowdStrike

North Koreans hackers posing as remote IT workers and recruiters remain a major threat to U.S., European, and Asian companies ...
Hackaday

If You Want To Hack Me, Come In Through The Speaker

Some security hacks require someone to have physical access to your computer. In many cases, that’s easy to mitigate. Other ...

Webcam-hacking Minecraft malware is disguising itself as mods, and it's infected thousands of PCs

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root ...
ABC 7 Chicago

Gen Z hacker 'thankful that I got caught' after student data breach hits thousands in Chicagoland

CHICAGO (WLS) -- A massive data breach impacted thousands of students and their parents in Chicago's suburbs, and the man behind it was only 19 the time. Now, ABC News and the ABC7 I-Team are talking ...

High-severity vulnerability in Linux caused by a single faulty character

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...
Techlicious

FTC warns: Fake CAPTCHAs are installing malware

The FTC is warning about fake CAPTCHAs that install malware to steal your passwords and banking credentials. Here's how to ...
Graham Cluley

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.