Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited.
Security / Cyberattacks and Hacks
Popular HR and Payroll Company Sequoia Discloses a Data Breach
The company, which works with hundreds of startups, said it detected unauthorized access to personal data, including Social Security numbers.
Apple Expands End-to-End Encryption to iCloud Backups
The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.
Scammers Are Scamming Other Scammers Out of Millions of Dollars
On cybercrime forums, user complaints about being duped may accidentally expose their real identities.
China’s Police State Targets Zero-Covid Protesters
Plus: ICE accidentally doxes asylum seekers, Google fails to uphold a post-Roe promise, and LastPass suffers the second breach this year.
Android Phone Makers’ Encryption Keys Stolen and Used in Malware
.jpg)
Device manufacturers use “platform certificates” to verify an app’s authenticity, making them particularly dangerous in the wrong hands.
Google Moves to Block Invasive Spanish Spyware Framework
The Heliconia hacking tool exploited vulnerabilities in Chrome, Windows Defender, and Firefox, according to company security researchers.
The Hunt for the Kingpin Behind AlphaBay, Part 6: Endgame
With AlphaBay shuttered, Operation Bayonet enters its final phase: driving the site’s refugees into a giant trap. But one refugee hatched his own plan.
The Hunt for the Dark Web’s Biggest Kingpin, Part 5: Takedown
After months of meticulous planning, investigators finally move in to catch AlphaBay’s mastermind red-handed. Then the case takes a tragic turn.
A Destabilizing Hack-and-Leak Operation Hits Moldova
Plus: Google’s location snooping ends in a $391 million settlement, Russian code sneaks into US government apps, and the World Cup apps set off alarms.