We checked and yup, it's no longer 2001. And yet you can pwn a Windows box via Notepad.exe Patch Tuesday Google guru shows how WinXP-era text code grants total control OSes13 Aug 2019 | 67
World's favourite open-source PDF interpreter needs patching (again) Still afraid of no ghost? You didn't read the script Security24 Jan 2019 | 25
When something's weird in your ImageMagick upload, who ya gonna call? Ghostbusters! Evil files bypass GhostScript sandbox, run malicious code Security23 Aug 2018 | 11
uTorrent file-swappers urged to upgrade after PC hijack flaws fixed Don't say we didn't warn you Security22 Feb 2018 | 29
Windows 10 bundles a briefly vulnerable password manager Keeper exposed punters to drive-by click-jack pwnage Security18 Dec 2017 | 27
Tavis Ormandy to Microsoft: Have another Windows Defender vuln Microsoft to Tavis: Here's the fix. Any chance we could have a day off? Security26 Jun 2017 | 9
What's got a vast attack surface and runs on Linux? Windows Defender, of course Penguinistas, rejoice: Tavis Ormandy lets you fuzz Windows OSes24 May 2017 | 51
'Crazy bad' bug in Microsoft's Windows malware scanner can be used to install malware Critical update for security engine rushed out the door OSes09 May 2017 | 78
LastPass scrambles to fix another major flaw – once again spotted by Google's bugfinders Ormandy sets snowflakes off over disclosure Security27 Mar 2017 | 36
What should password managers not do? Leak your passwords? What a great idea, LastPass Updated Critical bugs found in Chrome, Firefox add-ons Security21 Mar 2017 | 87
Cloudbleed: Big web brands 'leaked crypto keys, personal secrets' thanks to Cloudflare bug Updated Heartbleed-style classic buffer overrun blunder Security24 Feb 2017 | 49
Cisco's WebEx Chrome plugin will execute evil code, install malware via secret 'magic URL' Updated Just get rid of it Security23 Jan 2017 | 19
Adobe's naughty Chrome telemetry code had XSS problem Since patched, but a bad look for Adobe when it can't even get snoopware right Security19 Jan 2017 | 12
Kaspersky fixing serious certificate slip Updated Security smashed for 400 MEEELLION users Security04 Jan 2017 | 17
Symantec antivirus bug allows utter exploitation of memory Cross-platform nasty is simplicity itself to exploit, so get patching peeps Channel17 May 2016 | 21
It's 2016 and now your internet-connected bathroom scales can be hacked Weight to go, Internet of s*** Edge + IoT29 Apr 2016 | 64
Comodo's 'security' kit installed a lame VNC server on PCs on the sly Modern antivirus: Easily crackable password, lets malware gain admin privileges Security18 Feb 2016 | 16
Trend Micro AV gave any website command-line access to Windows PCs Updated Computers could be easily hijacked or trashed via security holes Security11 Jan 2016 | 44
Project Zero bod says antivirus black market is growing Also: keep an eye out for upcoming Kaspersky patches Security25 Sep 2015 | 8
Google cyber-knight lances Microsoft for bug-hunter 'hostilities' While revealing a Windows 0-day security flaw Security28 May 2013 | 30
Google bod exposes Sophos Antivirus' gaping holes Ormandy - Are you pleased with yourself? Probably yes Security06 Nov 2012 | 13