Is HONK nothing sacred HONK? It's 2019 and an evil save file can pwn much-loved HONK Untitled Goose Game Please don't forget to HONK deserialize your data safely HONK Security29 Oct 2019 | 24
MacOS 'Catalina' 10.15 comes packed with exclusive security fixes – gee, thanks, Apple New OS squashes bugs, older versions may have to wait OSes07 Oct 2019 | 22
Life's certainties: Death, taxes, and Cisco patching more serious vulnerabilities Switchzilla closes off 18 CVE-listed holes, get to work Security04 Oct 2019 | 7
Medic! Uncle Sam warns hospitals not to use outdated IPnet freely on their networks Meanwhile ransomware forces Alabama doctors to turn away non-urgent patients Security02 Oct 2019 | 15
Jamf emits mystery security fix for Pro macOS, iOS wrangler, keeps admins in dark by censoring chatter iAdmins steaming over handling of 'critical' patch rollout OSes01 Oct 2019 | 7
Stop us if you've heard this one before: Yet another critical flaw threatens Exim servers Remote code flaw sparks calls for major updates OSes30 Sep 2019 | 15
Microsoft changes encryption, another D-Link bug, phishing dangers, and more Roundup Plus, Baltimore's disastrous ransomware infection and worse IT practices Security30 Sep 2019 | 14
Got a pre-A12 iPhone? Love jailbreaks? Happy Friday! 'Unpatchable tethered Boot ROM exploit' released Coder claims iThings older than two years can be unlocked from Apple's clutches OSes27 Sep 2019 | 40
Hot patches for ColdFusion: Adobe drops trio of fixes for three serious flaws While you're at it, fix Java too Security25 Sep 2019 | 4
This vBulletin vBug is vBad: Zero-day exploit lets miscreants hijack vulnerable web forums Updated Hackers can inject system commands via version 5 of software, no patch available Security24 Sep 2019 | 8
If you're using Harbor as your container registry, bear in mind it can be hijacked with has_admin_role = True Video Patch now before miscreants sail off with your apps, data Security19 Sep 2019 | 2
That Telegram feature that let you delete your private messages on recipients' phones? It didn't work properly VIdeo Infosec bod bags reward for spotting image privacy bug Security09 Sep 2019 | 18
Exim marks the spot… of remote code execution: Patch due out today for 'give me root' flaw in mail server Install incoming update to avoid having your boxes hijacked OSes06 Sep 2019 | 13
Too bad, so sad, exploit devs: Google patches possibly several million dollars' worth of security flaws in Android Except one – a 'your phone is now my phone' bug reported months ago and still not fixed Security05 Sep 2019 | 5
Fancy buying a compact and bijou cardboard box home in a San Francisco alley? This $2.5m Android bounty will get you nearly there Bug seller Zerodium boosts payouts for 'droid, slashes iOS prices in half Security04 Sep 2019 | 7
Enjoy the holiday weekend, America? Well-rested? Good. Supermicro server boards can be remotely hijacked Virtual USB hub allows attackers to get into BMCs Security03 Sep 2019 | 52
JACK OF ALL TIRADES: Twitter boss loses account to cunning foul-mouthed pranksters Roundup Plus a Cisco bug, dentists bitten by malware, and France takes down a worm Security31 Aug 2019 | 14
Google takes a little more responsibility for its Android world, will cough up bounties for mega-popular app bugs Payouts extended to anything with more than 100m installs Security29 Aug 2019 | 6
Can't bear to part with that well-worn copy of Windows 7? Microsoft might let you keep it updated an extra year EA and ESA subscribers can get 12 free months of updates OSes27 Aug 2019 | 133
Steam cleaned of zero-day security holes after Valve turned off by bug bounty snub outrage Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening Security22 Aug 2019 | 11
Disgruntled bug-hunter drops Steam zero-day to get back at Valve for refusing him a bounty EoP bug now free for the world to see after bounty was rejected Security22 Aug 2019 | 100
The Joy of Six... critical security patches: Cisco small biz switches open to hijacking via web UI Plus UCS and other gear need updates Security22 Aug 2019 | 3
Stuff like sophisticated government spyware is scary and all – but don't forget, a single .wmv file can pwn you via VLC Keep your media player, like other apps, up to date: 13 security flaws fixed Security21 Aug 2019 | 15
Kaspersky and Trend Micro get patch bonanza after ID flaw and password manager holes spotted Quis custodiet ipsos custodes? Software15 Aug 2019 | 2
Intel: Listen up, you NUC-leheads! Mini PCs and compute sticks just got a major security fix Chipzilla patches firmware, drivers, SDKs Security14 Aug 2019 | 4
Dear hackers: If you try to pwn a website for phishing, make sure it's not the personal domain of a senior Akamai security researcher Exclusive Crooks fail to hijack infosec bloke's site to dress it up as a legit Euro bank login page Security29 Jul 2019 | 62
Dodgy vids can hijack PCs via VLC security flaw, US, Germany warn. Software's makers not app-y with that claim Updated 'Fake news!' dev team cries Security23 Jul 2019 | 21
Huawei website ████ ██████ security flaws ██████ customer info and biz operations at risk: ███████ patched Is this the Chinese giant's Winnie the Pooh moment? Security09 Jul 2019 | 38
Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes Unified Comms, Jabber among targets for clean-up Security05 Jul 2019 | 4
July is here – and so are the latest Android security fixes. Plenty of critical updates for all Patch, punch, it's the first of the month Security01 Jul 2019 | 29
Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool Updated Can't spell SupportAssist without 'ass' and 'u' – other makers may be hit, too Security20 Jun 2019 | 15
Digi-dosh exchange Coinbase: Someone tried to pwn our staff via this week's Firefox zero-day security hole Patch released after crypto-currency biz sounded alarm Security20 Jun 2019 | 5
This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already Welcome to Vim Sh*tty 2000 OSes12 Jun 2019 | 60
It's that time again: Android kicks off June's patch parade with fixes for five hijack holes Updates are on the way… if you have a Google device, at least Security05 Jun 2019 | 17
Git your patches here! GitHub offers to brew automatic pull requests loaded with vuln fixes Your repo's dependencies need updating to close a hole? We're way ahead of you, pal Security30 May 2019 | 8
Two weeks after Microsoft warned of Windows RDP worms, a million internet-facing boxes still vulnerable If you haven't patched CVE-2019-0708 aka BlueKeep, then, well, now would be a good time OSes28 May 2019 | 51
Oracle splats 300 vulns in MySQL, Database, Fusion, etc, pours fresh brew of Java SE terms Multiple pre-auth remote code exec holes need pasting over, enterprise IT giant warns Databases16 Apr 2019 | 22
Juniper slips out update after hardcoded credentials left in switches Telemetry Interface blamed for exposed gRPC passwords Security11 Apr 2019 | 8
As you wrap up this month's patch installs, don't forget these Intel fixes Chipzilla kicks out firmware patches plus a side channel Spoiler alert Security11 Apr 2019 | 6
A patchy Apache a-patchin: HTTP server gets fix for worrying root access hole Rogue 'worker' processes can sneak in with elevated privileges at startup Security03 Apr 2019 | 10
Don't be an April Fool: Update your Android mobes, gizmos to – hopefully – pick up critical security fixes Meanwhile, another Edge, IE zero-day emitted online Security02 Apr 2019 | 31
Cisco emits 25 security bug fixes for IOS, takes second crack at patching WAN router SNAFUs Updated Oh no, these patches kinda blow, go go Switchzilla! Networks27 Mar 2019 | 2
Thought you were done patching this week? Not if you're using an Intel-powered PC or server Here comes Chipzilla with a big bunch of security fixes for graphics drivers, server and workstation firmware, and more Security14 Mar 2019 | 14
Tech security at Equifax was so diabolical, senators want to pass US laws making its incompetence illegal Now Homeland Security committee sticks the boot in Security08 Mar 2019 | 60
No RESTful the wicked: If your website runs Drupal, you need to check for security updates – unless you enjoy being hacked PUT, PATCH, POST, PWNED! Security20 Feb 2019 | 4
At least Sony offered a t-shirt, says macOS flaw finder: Bug bounties now for Macs if you want this 0-day, Apple Vid Cupertino's tight-wads called out by fella who found password, private key leak OSes07 Feb 2019 | 41
I won't bother hunting and reporting more Sony zero-days, because all I'd get is a lousy t-shirt Analysis It's 2019. Should billion-dollar corps do better than offer swag for vulns? Security05 Feb 2019 | 61
Thought Patch Tuesday was a load? You gotta check out this Oracle mega-advisory, then And you'll definitely want to check out the libssh flaw Databases16 Oct 2018 | 13
Hunt for Red Bugtober: US military's weapon systems riddled with security holes – auditors Death from a-bug. Dr Strange-bug. Top Bug. We could do this all day... Security15 Oct 2018 | 18
WebSphere and loathing in New York: IBM yanks buggy application server security fix from admins Patched server, or working server. Pick one... Security11 Oct 2018 | 7
Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold Versions in use by millions lag behind latest OS, leaving systems vulnerable to attack Security06 Oct 2017 | 229
Feelin' safe and snug on Linux while the Windows world burns? Stop that I shoulda patched what now? OSes06 Jul 2017 | 123
Enterprise patching... is patchy, survey finds How difficult can it possibly be? Very, apparently Security05 Jun 2017 | 26
Microsoft patched more Malware Protection Engine bugs last week Redmond's out-of-band advisory landed after the bugs were fixed Security29 May 2017 | 15
Ransomware hits Australian hospitals after botched patch WannaCry? Minister says data is safe, so save your tears for now Security25 May 2017 | 13
Wannacry: Everything you still need to know because there were so many unanswered Qs Vid How it first spread, Win XP wasn't actually hit, and more Security20 May 2017 | 111
Do we need Windows patch legislation? Poll Should vendors be obliged to maintain ageing, unsafe PCs? Security16 May 2017 | 257
Why Microsoft's Windows game plan makes us WannaCry Analysis Oh, 'collective responsibility' – that old chestnut Security16 May 2017 | 186
While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday's WinXP fix was built in February Exclusive And it took three months to release despite Eternalblue leak Security16 May 2017 | 154
It's 2017 – and your Mac, iPad, iPhone can all be pwned by an e-book Seven Apple updates, because it's not like you had anything else to patch today OSes16 May 2017 | 33
Ransomware scum have already unleashed kill-switch-free WannaCrypt variant Researchers warn over new Uiwix strain Security15 May 2017 | 128
Microsoft to spooks: WannaCrypt was inevitable, quit hoarding Monday wrap: “kill switch” holding for now; new versions emerging; patch what you can Security14 May 2017 | 176