Dan Goodin

ChatGPT restrictions on the creation of illicit content are easy to circumvent.

The DNS hijacking threat can be especially high for people using public Wi-Fi.

Code-signing is supposed to make people safer. In this case, it made them less so.

Automation features make LockBit one of the more destructive pieces of ransomware.

Wondering if your data got swept up by Raccoon? Here’s how to find out.

Google removes 16 apps after receiving a report the apps were committing ad fraud

Microsoft said Windows automatically blocked dangerous drivers. It didn’t.

The flaw has been under attack since at least early September.

For 2nd time in 4 years, Amazon loses control of its IP space in BGP hijacking.

Researchers from Google and IBM see unprecedented blurring of lines.

Group that pulled off successful attack on PyPI has humble origins.

2FA provider Authy, password manager LastPass, and DoorDash all experienced breaches.

SHARPEXT has slurped up thousands of emails in the past year and keeps getting better.

More than 500,000 malicious samples seen in campaign that installs web shells.

Apple intros “extreme” optional protection against the scourge of mercenary spyware.

Researchers unearth suspected credential-stealer service targeting YouTubers.

No patch yet for easy-to-hack access point that leaks data and exposes networks to hacks.

Once-unknown group uses a tunnel fetish and a chameleon’s ability to blend in.

Elevation of privilege vulnerabilities can be used to gain persistent root access.