Ubuntu infrastructure has been down for more than a day
The outage has hampered communication concerning a critical vulnerability that gives root.
Ars Technica
The most severe Linux threat to surface in years catches the world flat-footed
CopyFail threatens multi-tenant servers, CI/CD work flows, Kubernetes containers, and more.
Ars Technica
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Security firms find themselves especially exposed.
Ars Technica
Open source package with 1 million monthly downloads stole user credentials
If you're one of millions using element-data, it's time to check for compromise.
Ars Technica
Why are top university websites serving porn? It comes down to shoddy housekeeping.
Hundreds of subdomains from dozens of universities have been hijacked by scammers.
Ars Technica
In a first, a ransomware family is confirmed to be quantum-safe
Technically speaking, there's no practical benefit to use PQC. So why is it being used?
Ars Technica
Microsoft issues emergency update for macOS and Linux ASP.NET threat
When authentication fails, things can go very, very wrong.
Ars Technica
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
A stubborn misconception is hampering the already hard work of quantum readiness.
Ars Technica
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Grinex says needed hacking resources "available exclusively to... unfriendly states."
Ars Technica
Recent advances push Big Tech closer to the Q-Day danger zone
Here's which players are winning the race to transition to post-quantum crypto.
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Western Union exec says there were "challenges" working with Broadcom.
Ars Technica
Iran-linked hackers disrupt operations at US critical infrastructure sites
As the US and Israel's war has ramped up, so too have hacks on US industrial sites.
Ars Technica
Thousands of consumer routers hacked by Russia's military
End-of-life routers in homes and small offices hacked in 120 countries.
Ars Technica
OpenClaw gives users yet another reason to be freaked out about security
The viral AI agentic tool let attackers silently gain admin unauthenticated access.
Ars Technica
New Rowhammer attacks give complete control of machines running Nvidia GPUs
GDDRHammer, GeForge and GPUBreach hammer GPU memory in ways that hijack the CPU.
Ars Technica
Quantum computers need vastly fewer resources than thought to break vital encryption
No, the sky isn't falling, but Q Day <em>is</em> coming, and it won't be as expensive as thought.
Ars Technica
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Company warns entire industry to move off RSA and EC more quickly.
Ars Technica
Self-propagating malware poisons open source software and wipes Iran-based machines
Development houses: It's time to check your networks for infections.
Ars Technica
Widely used Trivy scanner compromised in ongoing supply-chain attack
Admins: Sorry to say, but it's likely a rotate-your-secrets kind of weekend.
Ars Technica
Cloud service providers ask EU regulator to reinstate VMware partner program
Broadcom says the group is misrepresenting market "realities."
Ars Technica
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
One Microsoft product was approved despite years of concerns about its security.
Ars Technica
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Internet-exposed devices that give BIOS-level access? What could possibly go wrong?
Ars Technica
Supply-chain attack using invisible code hits GitHub and other repositories
Unicode that's invisible to the human eye was largely abandoned—until attackers took notice.
Ars Technica
The who, what, and why of the attack that has shut down Stryker's Windows network
Company says it doesn't know how long it will take to restore its Microsoft environment.
Ars Technica
14,000 routers are infected by malware that's highly resistant to takedowns
Most of the devices are made by Asus and are located in the US.
Ars Technica
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
The long, strange trip of a large assembly of advanced iOS exploits.
Ars Technica
Amazon appears to be down, with over 20,000 reported problems
Problems viewing products and checking out.
Ars Technica