Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
Across the country, schools and colleges postpone year-end tests.
Ars Technica
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
The developer of Firefox says it has "completely bought in" on AI-assisted bug discovery.
Ars Technica
Ars Asks: Share your shell and show us your tricked-out terminals!
A celebration of the tweaks and customizations that make life easier at the CLI.
Ars Technica
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Daemon Tools users: It's time to check your machines for stealthy infections, stat.
Ars Technica
Why Reddit blocked my daily visit to its mobile website
Reddit REALLY wants you to use its app.
Ars Technica
GameStop offers $56 billion for eBay, struggles to explain how it'll pay for it
Amid falling revenue and store closures, GameStop wants to buy the much larger eBay.
Ars Technica
Ubuntu infrastructure has been down for more than a day
The outage has hampered communication concerning a critical vulnerability that gives root.
Ars Technica
The most severe Linux threat to surface in years catches the world flat-footed
CopyFail threatens multi-tenant servers, CI/CD work flows, Kubernetes containers, and more.
Ars Technica
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Security firms find themselves especially exposed.
Ars Technica
Open source package with 1 million monthly downloads stole user credentials
If you're one of millions using element-data, it's time to check for compromise.
Ars Technica
Why are top university websites serving porn? It comes down to shoddy housekeeping.
Hundreds of subdomains from dozens of universities have been hijacked by scammers.
Ars Technica
In a first, a ransomware family is confirmed to be quantum-safe
Technically speaking, there's no practical benefit to use PQC. So why is it being used?
Ars Technica
Microsoft issues emergency update for macOS and Linux ASP.NET threat
When authentication fails, things can go very, very wrong.
Ars Technica
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
A stubborn misconception is hampering the already hard work of quantum readiness.
Ars Technica
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
Grinex says needed hacking resources "available exclusively to... unfriendly states."
Ars Technica
Recent advances push Big Tech closer to the Q-Day danger zone
Here's which players are winning the race to transition to post-quantum crypto.
Ars Technica
“Negative” views of Broadcom driving thousands of VMware migrations, rival says
Western Union exec says there were "challenges" working with Broadcom.
Ars Technica
Iran-linked hackers disrupt operations at US critical infrastructure sites
As the US and Israel's war has ramped up, so too have hacks on US industrial sites.
Ars Technica
Thousands of consumer routers hacked by Russia's military
End-of-life routers in homes and small offices hacked in 120 countries.
Ars Technica
OpenClaw gives users yet another reason to be freaked out about security
The viral AI agentic tool let attackers silently gain admin unauthenticated access.
Ars Technica
New Rowhammer attacks give complete control of machines running Nvidia GPUs
GDDRHammer, GeForge and GPUBreach hammer GPU memory in ways that hijack the CPU.
Ars Technica
Quantum computers need vastly fewer resources than thought to break vital encryption
No, the sky isn't falling, but Q Day <em>is</em> coming, and it won't be as expensive as thought.
Ars Technica
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Company warns entire industry to move off RSA and EC more quickly.
Ars Technica
Self-propagating malware poisons open source software and wipes Iran-based machines
Development houses: It's time to check your networks for infections.
Ars Technica
Widely used Trivy scanner compromised in ongoing supply-chain attack
Admins: Sorry to say, but it's likely a rotate-your-secrets kind of weekend.
Ars Technica
Cloud service providers ask EU regulator to reinstate VMware partner program
Broadcom says the group is misrepresenting market "realities."
Ars Technica
Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway
One Microsoft product was approved despite years of concerns about its security.
Ars Technica