Using WinRAR? Be sure to patch against these code execution bugs…

Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead...

S3 Ep146: Tell us about that breach! (If you want to.)

Serious security stories explained clearly in plain English - listen now. (Full transcript available.)

S3 Ep144: When threat hunting goes down a rabbit hole

Latest episode - check it out now!

Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs

Don't delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.

S3 Ep136: Navigating a manic malware maelstrom

Latest episode - listen now. Full transcript inside...

Ransomware tales: The MitM attack that really had a Man in the Middle

Another traitorous sysadmin story, this one busted by system logs that gave his game away...

Phone scamming kingpin gets 13 years for running “iSpoof” service

Site marketing video promised total anonymity, but that was a lie. 170 arrested already. Potentially 1000s more to follow.

Bootkit zero-day fix – is this Microsoft’s most cautious patch ever?

When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car...

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

Einstein tilings – the amazing “Hat” shape that never repeats!

Imagine tiling a whole football field using a single shape... yet not being able to produce a repeating pattern, even if you wanted to.

Cops use fake DDoS services to take aim at wannabe cybercriminals

Thinking of trying a bit of DDoSsing to get a feel for life at the fringes of the Dark Side? Don't do it!

The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

Is there a special meaning of "don't" that means "go right ahead"?

Critical “10-out-of-10” Linux kernel SMB hole – should you worry?

It's serious, it's critical, and you could call it severe... but in HHGttG terminology, it's probably "mostly harmless".

How to hack an unpatched Exchange server with rogue PowerShell code

Review your servers, your patches and your authentication policies - there's a proof-of-concept out

Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Hey! That back door isn't supposed to be there at all, let alone propped open...

Paying ransomware crooks won’t reduce your legal risk, warns regulator

"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

Who’s watching your webcam? The Screencastify Chrome extension story…

When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.

S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]

Latest episode - lots to learn - plain English - fun with a serious side - listen now!

“VMware Spring Cloud Function” Java bug gives instant remote code execution – update now!

Easy unauthenticated remote code execution - PoC code already out

Romance scammer who targeted 670 women gets 28 months in jail

Found love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns...