NPM package with 3 million weekly downloads had a severe vulnerability

Popular NPM package “pac-resolver” has fixed a severe remote code execution (RCE) flaw. The pac-resolver package receives over 3 million weekly downloads, extending this vulnerability to Node.js applications relying on the open source dependency. Pac-resolver touts itself as a module that accepts JavaScript […]

Windows 11 arrives on October 5, Android apps will come later

Windows 11 is no longer merely “coming this fall.” Microsoft will begin releasing the new operating system to the public on October 5, starting with newer PCs (and PCs being sold in stores) and then rolling out to other supported systems over the next nine […]

Coinbase erroneously reported 2FA changes to 125,000 customers

On Friday afternoon, Coinbase sent email and SMS text messages to 125,000 customers, erroneously telling them that their 2FA settings had been changed. Cryptocurrency exchange Coinbase sent an automated message to a large number of its customers on Friday, saying […]

Not enough backup power: AT&T and T-Mobile suffer big outages in Louisiana

LaPlace, Louisiana: Jacqueline Smith waits with her mother Lucille Matthew for transportation after they were rescued from their flooded neighborhood in the aftermath of Hurricane Ida on August 30, 2021. AT&T today said that only 60 percent of […]

A bad solar storm could cause an “Internet apocalypse”

Even if the power comes back after the next big solar storm, the internet may not. Scientists have known for decades that an extreme solar storm, or coronal mass ejection, could damage electrical grids and potentially […]

“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure

Cosmos DB is a managed database service offering—including both relational and noSQL data structures—belonging to Microsoft’s Azure cloud infrastructure. Cloud security vendor Wiz announced yesterday that it found a vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that granted […]

Need to get root on a Windows box? Plug in a Razer gaming mouse

This weekend, security researcher jonhat disclosed a long-standing security bug in the Synapse software associated with Razer gaming mice. During software installation, the wizard produces a clickable link to the […]

Nude hunt: LA phisherman accessed 4,700 iCloud accounts, 620K photos

The Internet is unfortunately packed full of criminals seeking to steal sexual (or sexualizable) images from privately held cloud backup accounts. The LA Times reported this week that Los Angeles man Hao Kuo “David” Chi pled guilty to four federal […]

President Biden to host infosec roundtable with tech giant CEOs

Unnamed sources told Bloomberg that the White House will host a meeting between President Joe Biden and some of […]