Chaos: a powerful malware infecting multiple systems and architectures
Malicious software can infect Windows, Linux, FreeBSD and several chip architectures
Someone hacked Fast Company and sent obscene, racist Apple News push alerts
The publication has shut down its website
Facebook users are suing Meta for tracking them through a loophole on iOS
Meta insists that there is no merit behind the claims
Python affected by 15-year-old bug that keeps on giving
In brief: The Python programming language is being impacted by security issue programmers have know about for a while. Trellix researchers recently rediscovered a bug, highlighting the risk for hundreds of thousands of software projects and creating patches for tens of thousands of them.
SEC fines Morgan Stanley $35 million after exposing customer data on 1,000 auctioned hard drives
This is why we can't have nice things
GTA 6 leakers may be the target of an FBI investigation
The leakers are gonna have a five-star wanted level of their own
Watch out for phishing emails from 2K Games Support, it was hacked
When it rains, it pours: Still reeling from a GTA 6 leak over the weekend, Take-Two got nailed with another data breach. This time it was subsidiary 2K Games taking the hit when a hacker accessed an internal support account and began sending out official 2K emails with links to a phishing website. It is still unclear if Take-Two has contained the intrusion and how many customers were affected, but the entire 2K support division is shut down until further notice.
Browser-based spell check from Google and Microsoft can lead to stolen personal data
Enhanced spell check and MS Editor lead to concerns far beyond bad spelling
Hackers are spreading malware through YouTube channels promoting game cheats
Watch out for "Link in the Description"
WTF?! Gamers looking to download cheats and cracks should beware of links in YouTube video descriptions. Hackers may have compromised the channels hosting the videos, turning them into vectors for spreading malware that can steal login credentials.
Akamai curbed a new record DDoS attack against one of its European customers
The same client was hit by another huge traffic flow in July
Uber confirms "cybersecurity incident" after 18-year-old claimed to be behind massive breach
It's unclear whether he accessed customer data
What just happened? Uber is investigating a cybersecurity incident that has compromised many of its internal systems, giving the hacker, who says he is just 18 years old, almost complete access to the company's network. The breach is thought to be as bad as or worse than the 2016 incident that exposed the details of 57 million customers.
FIFA 23 and other EA titles will come with controversial "kernel-mode" anti-cheat software
In context: Nothing can ruin a multiplayer game faster than rampant cheating, so it's no surprise that developers go to great lengths to devise ways to mitigate it. One controversial method is to install kernel-mode drivers that monitor for anything that tries to tamper with the game's software. However, many players are not comfortable with granting such low-level privileges.
Researchers publicly warn that multiple HP firmware vulnerabilities remain unpatched after a year
In brief: Several HP enterprise devices are running firmware containing as many as six unpatched security holes that allow arbitrary code execution. Some of them are at least a year old, and researchers publicly disclosed all of them over a month ago. As of this writing, all remain unpatched.
Steam users warned of sophisticated browser-in-the-browser phishing attack
A lot more convincing than a phishing email
In brief: Steam users are being warned about a new attack tricking people into handing over their account credentials via a browser-in-the-browser phishing technique. Competitive and professional gamers are being targeted, as is anyone with a high-value account.
Former US ambassador warns about data tracking, says the US is making China's surveillance job easier
Big quote: The Federal Trade Commission asked for opinions about data economy and commercial surveillance, and former US ambassador Karen Kornbluh described the situation with grave and unambiguous words.
New zero-day vulnerability in BackupBuddy plugin leaves WordPress users at risk
The vulnerability could allow unauthenticated users to download sensitive information and files from affected servers
GameStop "wiretapped" customers without consent, claims lawsuit
It sold secret transcripts to a marketing firm to build profiles using personal information
Minecraft, FIFA, and Roblox have the most gaming-related cyberthreats
Far Cry players should watch out for cryptojackers
QNAP battles yet another DeadBolt ransomware campaign, issues patch for NAS devices
A new fix for a zero-day flaw already exploited in the wild
Instagram hit by record $400M fine in Europe for mishandling children's data
The Meta-owned social network will appeal the decision by Irish regulators
Peter Eckersley, tech activist and founder of Let's Encrypt, dies at 43
The Australian computer scientist fought for privacy, net neutrality and ethics for artificial intelligence
China accuses United States of hacking top space and aviation university
China says the NSA was behind a phishing campaign
Security researchers successfully hijack Windows 11's Power Automate tool
A tool that helps users could also help hackers
Newly identified browser bug allows websites to overwrite clipboard content
The text can be replaced with fraudulent URLs, addresses, or other malicious information