Experimental News Clipping Site

Tag: exploit

  • Hacker News: Polymorphic Chrome Extensions Impersonate Password Managers to Steal Credentials

    by

    Kurt Seifried
    in

    Source URL: https://cyberinsider.com/polymorphic-chrome-extensions-impersonate-password-managers-to-steal-credentials/ Source: Hacker News Title: Polymorphic Chrome Extensions Impersonate Password Managers to Steal Credentials Feedly Summary: Comments AI Summary and Description: Yes Summary: The emergence of polymorphic browser extensions presents a significant security threat, particularly to users relying on legitimate extensions for secure tasks. These malicious extensions cleverly impersonate existing ones, executing sophisticated…

  • The Register: Microsoft admits GitHub used to store malware that infected almost a million devices

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/10/infosec_in_brief/ Source: The Register Title: Microsoft admits GitHub used to store malware that infected almost a million devices Feedly Summary: Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and…

  • Hacker News: Apple rearranged its XNU kernel with exclaves

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/ Source: Hacker News Title: Apple rearranged its XNU kernel with exclaves Feedly Summary: Comments AI Summary and Description: Yes Summary: Apple is enhancing the security of its XNU kernel through the introduction of “exclaves,” which create isolated domains that enhance protection against kernel compromises. This architectural shift aims to combine the advantages…

  • Hacker News: The ESP32 "backdoor" that wasn’t

    by

    Kurt Seifried
    in

    Source URL: https://darkmentor.com/blog/esp32_non-backdoor/ Source: Hacker News Title: The ESP32 "backdoor" that wasn’t Feedly Summary: Comments AI Summary and Description: Yes Summary: The text addresses the misconception that the ESP32 Bluetooth chips contain a backdoor, clarifying that the vendor-specific HCI commands discovered are common in Bluetooth technology and do not inherently indicate malicious intent. It discusses…

  • Hacker News: Toward a Passwordless Future

    by

    Kurt Seifried
    in

    Source URL: https://www.privacyguides.org/articles/2025/03/08/toward-a-passwordless-future/ Source: Hacker News Title: Toward a Passwordless Future Feedly Summary: Comments AI Summary and Description: Yes Summary: The text explores the historical evolution of password-based authentication, its inherent vulnerabilities, and the transition towards using passkeys as a more secure and private alternative. This shift is particularly relevant for professionals in security and…

  • Hacker News: Backdoor detected in ESP32 Espressif IoT chip

    by

    Kurt Seifried
    in

    Source URL: https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ Source: Hacker News Title: Backdoor detected in ESP32 Espressif IoT chip Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details significant new findings by Tarlogic Security regarding a backdoor in the widely used ESP32 microchip, affecting millions of IoT devices. This vulnerability poses serious risks for security and privacy…

  • Slashdot: Undocumented ‘Backdoor’ Found In Chinese Bluetooth Chip Used By a Billion Devices

    by

    Kurt Seifried
    in

    Source URL: https://hardware.slashdot.org/story/25/03/08/2027216/undocumented-backdoor-found-in-chinese-bluetooth-chip-used-by-a-billion-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Undocumented ‘Backdoor’ Found In Chinese Bluetooth Chip Used By a Billion Devices Feedly Summary: AI Summary and Description: Yes Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip by researchers from Tarlogic Security highlights significant security vulnerabilities in IoT devices. This backdoor could facilitate various…

  • Hacker News: Undocumented backdoor found in Bluetooth chip used by a billion devices

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/ Source: Hacker News Title: Undocumented backdoor found in Bluetooth chip used by a billion devices Feedly Summary: Comments AI Summary and Description: Yes Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip presents significant security risks, especially in IoT devices. This backdoor allows for device spoofing, unauthorized access,…

  • The Register: Kernel saunters – How Apple rearranged its XNU kernel with exclaves

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/ Source: The Register Title: Kernel saunters – How Apple rearranged its XNU kernel with exclaves Feedly Summary: iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called “exclaves."… AI Summary…

  • Simon Willison’s Weblog: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Mar/8/delaying-personalized-siri/#atom-everything Source: Simon Willison’s Weblog Title: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features Feedly Summary: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features Apple told John Gruber (and other Apple press) this about the new “personalized" Siri: It’s going to take us longer than we thought to deliver…