Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
… The specific criticisms remain unclear, but many make references to complaints about the company’s vulnerability disclosure program. …
Search
White House drastically shortens deadline for dropping quantum-vulnerable crypto
… Directs the Secretary of State to work with the National Institute of Standards and Technology, the Department of Defense and Homeland Security, the National Cyber Director, and the Director of National Intelligence to “identify and engage foreign governments and industry groups in key countries to… …
Ubuntu infrastructure has been down for more than a day
… According to a Ubuntu discussion forum on AskUbuntu.com, URLs that remained unavailable include: security.ubuntu.com jaas.ai archive.ubuntu.com canonical.com maas.io blog.ubuntu.com developer.ubuntu.com Ubuntu Security API – CVEs Ubuntu Security API – Notices academy.canonical.com ubuntu.com portal… …
Google publishes exploit code threatening millions of Chromium users
… Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. …
Apple patches eavesdropping vulnerability in Beats Studio Buds
… Carrying a severity rating of 8.8 out of 10, CVE-2025-20701 was one of three vulnerabilities resulting from last year’s disclosure by researchers Dennis Heinze and Frieder Steinmetz of security firm Insinuator about chips made by Airoha Systems. …
Linux bitten by second severe vulnerability in as many weeks
… Shortly after the disclosure, someone else leaked key details, effectively making the vulnerability a zero-day. …
Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
… Like many developers, however, Mozilla doesn’t obtain CVE listings for internally discovered security bugs. …
US scrambles to stop Internet users re-creating dead pilots’ voices
… Robert Sumwalt , former chairman of NTSB, has described how the federal agency restricts listening access to a handful of people who must first sign a log and nondisclosure agreement, with cellphones being left outside and handwritten notes being destroyed afterward. …