API Security
This SUCKS: ‘Cars Are a Privacy Nightmare,’ Mozilla Fumes
IoT cars considered harmful: Own a car? Care about your privacy? Mozilla Foundation has bad news for you ...
Sourcegraph’s Shocking Screwup: Private Secrets in Public Repo
Credentials create crisis: AI source code navigation LLM leaks PII after DevOps SNAFU ...
BadBazaar: Chinese Spyware Shams Signal, Telegram Apps
After sneaking into Google and Samsung app stores, “GREF” APT targets Uyghurs and other PRC minorities ...
Did Russia Hack Poland’s Trains? MSM Says Yes, but … Well, You Decide
Train Phreaking: It depends what you mean by “hack” (and by “Russia”) ...
Lapsus$ Jury Says Teen Duo Did Do Crimes
Arion Kurtaj and anon minor: Part of group that hacked Uber, Nvidia, Microsoft, Rockstar Games and many more ...
Ransomware Robs Realtors — Rapattoni MLS-aaS Down: Day 8 and Counting
MLS FAIL: Home listings SaaS dead in the water as real estate agents lose leads ...
‘Sabotage the Factory’ — 16 Big Bugs in Codesys ICS/OT/SCADA Software
CoDe16 FAIL: Researchers unveil high-severity vulns in Codesys Control, used in millions of devices ...
Teenage Hackers Must be Stopped: US DHS’s CSRB Report
2FA SMS FAIL: Lapsus$ social engineers exploited weak two-factor authentication. Something must be done! (Well, this is something.) ...
Ransomware in Schools: White House Wants Action NOW
Don’t make me tap the sign: Biden administration hosts summit; bangs heads together from government, school districts and industry ...