Apple Patches Critical Zero-Day Vulnerability Affecting iPhone Security
Apple releases urgent security updates to address a zero-day exploit that could bypass USB Restricted Mode on locked iPhones and iPads. The vulnerability, discovered by Citizen Lab researcher Bill Marczak, has been actively exploited in sophisticated targeted attacks.
Facebook's AI System Mistakenly Labels Linux Content as Security Threat
Facebook's content moderation system is flagging and blocking Linux-related discussions and posts, categorizing them as cybersecurity threats. The controversial move has affected prominent sites like DistroWatch and Linux community groups, despite Facebook itself relying heavily on Linux infrastructure.
Google Eases Device Fingerprinting Restrictions in Quiet Policy Update
Google has quietly reversed its stance on digital fingerprinting, now permitting advertisers to track users through device identifiers. This significant policy shift enables enhanced user tracking capabilities while raising fresh privacy concerns, highlighting the ongoing tension between advertising practices and user privacy.
Security Researcher Exposes Critical USB-C Vulnerability in Apple Devices
A security researcher successfully hacked Apple's ACE3 USB-C controller used in recent iPhones and MacBooks, revealing potential security risks. The hack, demonstrated at a cybersecurity conference, could allow malicious actors to exploit USB-C connections for unauthorized access and firmware manipulation.
Apple iMessage Security Flaw Exploited in Sophisticated Phishing Scam
A new wave of SMS phishing attacks targeting iPhone users exploits iMessage's security features by tricking users into disabling link protection. The scam uses deceptive messages that prompt responses, automatically removing safeguards against malicious links.
Security Researcher Hacks iPhone 15's USB-C Controller, Exposing New Vulnerabilities
A groundbreaking hack of Apple's ACE3 USB-C controller in iPhone 15 devices has revealed potential security implications. Researcher Thomas Roth successfully achieved code execution and ROM access through advanced techniques, laying groundwork for future security research.
Security Flaw: Chrome Extensions Exploit Translation System to Manipulate Search Rankings
Hundreds of malicious Chrome extensions are gaming the Web Store's search results by abusing language translation features. Security researcher Wladimir Palant uncovered 920 extensions exploiting this vulnerability, raising concerns about Google's commitment to store security.
Cisco Confirms Second Data Leak from DevHub Platform
Cisco validates the authenticity of 4GB of leaked data from their DevHub developer platform, marking the second breach connected to an October 2024 security incident. The company maintains its core systems remain secure despite the exposure of product source code and development resources.
Massive VW Data Breach Exposes Location Data of 800,000 Electric Vehicles
A critical security lapse by Volkswagen's Cariad subsidiary left sensitive location data of 800,000 EVs exposed on an unsecured cloud server for months. The breach enabled detailed tracking of vehicle owners' movements across multiple European countries, including German politicians.
FTC Investigates Microsoft's Federal Cybersecurity Contracts Over Antitrust Concerns
The FTC has launched a probe into Microsoft's cybersecurity dealings with federal agencies following the 2020 SolarWinds attack, examining potential antitrust violations. The investigation focuses on how Microsoft's free security trials allegedly led to expensive subscriptions and vendor lock-in across government systems.