Latest Software news

DuckDuckGo launches a premium Privacy Pro VPN service

DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro,' which includes a virtual private network (VPN), a personal data removal service, and an identity theft restoration solution.
- Bill Toulas
- April 11, 2024
- 08:00 AM
- 4
Fake Facebook MidJourney AI page promoted malware to 1.2 million people

Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware.
- Bill Toulas
- April 05, 2024
- 12:47 PM
- 0
New XZ backdoor scanner detects implant in any Linux binary

Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094.
- Bill Toulas
- April 02, 2024
- 10:33 AM
- 0
Google Podcasts service shuts down in the US next week

U.S. users have just a few more days to make the transition from Google Podcasts as the company moves forward with the process of discontinuing the service globally.
- Bill Toulas
- March 29, 2024
- 11:03 AM
- 0
CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security vulnerabilities before shipping.
- Sergiu Gatlan
- March 25, 2024
- 02:26 PM
- 1
Hackers poison source code from largest Discord bot platform

The Top.gg Discord bot community with over 170,000 members has been impacted by a supply-chain attack aiming to infect developers with malware that steals sensitive information.
- Bill Toulas
- March 25, 2024
- 02:00 PM
- 0
Tuta Mail adds new quantum-resistant encryption to protect email

Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks.
- Bill Toulas
- March 11, 2024
- 05:21 PM
- 2
Citrix, Sophos software impacted by 2024 leap year bugs

Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products.
- Bill Toulas
- February 29, 2024
- 01:30 PM
- 4
White House urges devs to switch to memory-safe programming languages

The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities.
- Sergiu Gatlan
- February 26, 2024
- 04:34 PM
- 13
Apple adds PQ3 quantum-resistant encryption to iMessage

Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks.
- Bill Toulas
- February 24, 2024
- 11:04 AM
- 5
Google Pay app shutting down in US, users have till June to move funds

Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts.
- Bill Toulas
- February 23, 2024
- 01:46 PM
- 7
Bitwarden’s new auto-fill option adds phishing resistance

The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields.
- Bill Toulas
- February 22, 2024
- 02:12 PM
- 8
LockBit ransomware secretly building next-gen encryptor before takedown

LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- Bill Toulas
- February 22, 2024
- 08:51 AM
- 0
Critical infrastructure software maker confirms ransomware attack

PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure.
- Bill Toulas
- February 20, 2024
- 09:36 AM
- 1
Zoom patches critical privilege elevation flaw in Windows apps

The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw that could allow an unauthenticated attacker to conduct privilege escalation on the target system over the network.
- Bill Toulas
- February 14, 2024
- 03:32 PM
- 0
DuckDuckGo browser gets end-to-end encrypted sync feature

The DuckDuckGo browser has unveiled a new end-to-end encrypted Sync & Backup feature that lets users privately and securely synchronize their bookmarks, passwords, and Email Protection settings across multiple devices.
- Bill Toulas
- February 14, 2024
- 08:00 AM
- 0
ExpressVPN bug has been leaking some DNS requests for years

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers.
- Bill Toulas
- February 11, 2024
- 10:09 AM
- 0
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
- Bill Toulas
- January 23, 2024
- 10:41 AM
- 0
Brave to end 'Strict' fingerprinting protection as it breaks websites

Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes many sites to function incorrectly.
- Bill Toulas
- January 21, 2024
- 10:19 AM
- 0
Latest Adblock update causes massive YouTube performance hit

Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension.
- Bill Toulas
- January 15, 2024
- 11:16 AM
- 4