Opinion
HackadayOpinion

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

Web browsers can spy on information via SSD access times

IT researchers have demonstrated a side-channel attack called "FROST" where browsers can spy on user behavior via SSD access times.
ZME Science

Another Way Browsers Can Spy on You: Listening to Your Hard Drive

Researchers have shown that a web page can watch for tiny slowdowns in a computer’s storage drive and use those delays to guess which websites someone visits or which apps they open. The technique is ...
Floor

Strategic Exchange: The 25% tariff on China-produced LVT has been reinstated – Aug/Sept 2020

Back in November 2019, when the tariff exclusion for China-produced “click” LVT was granted, we were told that the exemption was valid until August 7, 2020, and on that date, it would either expire or ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, ...