Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

Another month, another patch for in-the-wild iPhone malware (and a whole lot more).

S3 Ep144: When threat hunting goes down a rabbit hole

Latest episode - check it out now!

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

All Apple users have zero-days that need patching, though some have more zero-days than others.

PaperCut security vulnerabilities under active attack – vendor urges customers to patch

If you have the product, but you haven't patched - well, the crooks have now landed, so please don't delay. Do it today...

Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot

Is Secure Boot without the Secure just "Boot"?

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!

Popular server-side JavaScript security sandbox “vm2” patches remote execution hole

The security error was in the error handling system that was supposed to catch potential security errors...

Apple issues emergency patches for spyware-style 0-day exploits – update now!

A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.

Apple patches everything, including a zero-day fix for iOS 15 users

Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.

Microsoft fixes two 0-days on Patch Tuesday – update now!

An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.

S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]

Latest episode - listen now! (Full transcript inside.)

Apple patches are out – old iPhones get an old zero-day fix at last!

Don't delay, especially if you're still running an iOS 12 device... please do it today!

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...

Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

Tales of derring-do in the cyberunderground! (And some zero-days.)

Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties

That's a mean average of $15,710 per bug... and 63 fewer bugs out there for crooks and rogues to find.

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?

Chrome issues urgent zero-day fix – update now!

We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

Ventura hits the market with 112 patches, Catalina's gone missing, and iPhones and iPads get a critical kernel-level zero-day patch...

Patch Tuesday in brief – one 0-day fixed, but no patches for Exchange!

There's a zero-day patch, but it's not for the zero-day you thought.

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

WhatsApp “zero-day exploit” news scare – what you need to know

Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?

Chrome and Edge fix zero-day security hole – update now!

This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]

Lastest epsiode - listen now!

Google Chrome patches mysterious new zero-day bug – update now

CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!

Serious Security: DEADBOLT – the ransomware that goes straight for your backups

Some tips on how to keep your network safe - even (or perhaps especially!) if you think you're safe already.

Apple patches 87 security holes – from iPhones and Macs to Windows

Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.

Firefox patches two actively exploited 0-day holes: update now!

Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!

S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast + Transcript]

Latest episode - listen now!

Adobe fixes zero-day exploit in e-commerce code: update now!

There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it.

Apple fixes Safari data leak (and patches a zero-day!) – update now

That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

“Log4Shell” Java vulnerability – how to safeguard your servers

Just when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

Latest episode - listen now! Solid cybersecurity advice in plain English.