Using WinRAR? Be sure to patch against these code execution bugs…

Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead...

S3 Ep146: Tell us about that breach! (If you want to.)

Serious security stories explained clearly in plain English - listen now. (Full transcript available.)

S3 Ep144: When threat hunting goes down a rabbit hole

Latest episode - check it out now!

Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs

Don't delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.

S3 Ep136: Navigating a manic malware maelstrom

Latest episode - listen now. Full transcript inside...

Ransomware tales: The MitM attack that really had a Man in the Middle

Another traitorous sysadmin story, this one busted by system logs that gave his game away...

Bootkit zero-day fix – is this Microsoft’s most cautious patch ever?

When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car...

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

Einstein tilings – the amazing “Hat” shape that never repeats!

Imagine tiling a whole football field using a single shape... yet not being able to produce a repeating pattern, even if you wanted to.

The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

Is there a special meaning of "don't" that means "go right ahead"?

Critical “10-out-of-10” Linux kernel SMB hole – should you worry?

It's serious, it's critical, and you could call it severe... but in HHGttG terminology, it's probably "mostly harmless".

How to hack an unpatched Exchange server with rogue PowerShell code

Review your servers, your patches and your authentication policies - there's a proof-of-concept out

Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Hey! That back door isn't supposed to be there at all, let alone propped open...

Paying ransomware crooks won’t reduce your legal risk, warns regulator

"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]

Latest episode - lots to learn - plain English - fun with a serious side - listen now!

“VMware Spring Cloud Function” Java bug gives instant remote code execution – update now!

Easy unauthenticated remote code execution - PoC code already out