Latest Software news

Citrix, Sophos software impacted by 2024 leap year bugs

Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products.
- Bill Toulas
- February 29, 2024
- 01:30 PM
- 4
White House urges devs to switch to memory-safe programming languages

The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities.
- Sergiu Gatlan
- February 26, 2024
- 04:34 PM
- 13
Apple adds PQ3 quantum-resistant encryption to iMessage

Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks.
- Bill Toulas
- February 24, 2024
- 11:04 AM
- 5
Google Pay app shutting down in US, users have till June to move funds

Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts.
- Bill Toulas
- February 23, 2024
- 01:46 PM
- 7
Bitwarden’s new auto-fill option adds phishing resistance

The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields.
- Bill Toulas
- February 22, 2024
- 02:12 PM
- 8
LockBit ransomware secretly building next-gen encryptor before takedown

LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- Bill Toulas
- February 22, 2024
- 08:51 AM
- 0
Critical infrastructure software maker confirms ransomware attack

PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure.
- Bill Toulas
- February 20, 2024
- 09:36 AM
- 1
Zoom patches critical privilege elevation flaw in Windows apps

The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw that could allow an unauthenticated attacker to conduct privilege escalation on the target system over the network.
- Bill Toulas
- February 14, 2024
- 03:32 PM
- 0
DuckDuckGo browser gets end-to-end encrypted sync feature

The DuckDuckGo browser has unveiled a new end-to-end encrypted Sync & Backup feature that lets users privately and securely synchronize their bookmarks, passwords, and Email Protection settings across multiple devices.
- Bill Toulas
- February 14, 2024
- 08:00 AM
- 0
ExpressVPN bug has been leaking some DNS requests for years

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers.
- Bill Toulas
- February 11, 2024
- 10:09 AM
- 0
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
- Bill Toulas
- January 23, 2024
- 10:41 AM
- 0
Brave to end 'Strict' fingerprinting protection as it breaks websites

Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes many sites to function incorrectly.
- Bill Toulas
- January 21, 2024
- 10:19 AM
- 0
Latest Adblock update causes massive YouTube performance hit

Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension.
- Bill Toulas
- January 15, 2024
- 11:16 AM
- 4
Bitwarden adds passkey support to log into web password vaults

The open-source Bitwarden password manager has announced that all users can now log in to their web vaults using a passkey instead of the standard username and password pairs.
- Bill Toulas
- January 11, 2024
- 02:21 PM
- 1
Twilio will ditch its Authy desktop 2FA app in August, goes mobile only

The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication (2FA) app.
- Bill Toulas
- January 08, 2024
- 01:07 PM
- 4
Online museum collections down after cyberattack on service provider

Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week.
- Bill Toulas
- January 02, 2024
- 02:01 PM
- 0
Get $20 off this all-in-one security suite and browse privately

From now until Nov. 9, new users can get an exclusive price of $129.97 on a lifetime subscription to the MonoDefense Security Suite.
- BleepingComputer Deals
- November 01, 2023
- 02:09 PM
- 0
Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
- Bill Toulas
- October 31, 2023
- 10:23 AM
- 0
Help a loved one organize their PDFs with $230 off Document 365 Lite

PDFs clutter our phones, our laptops, and our lives. This lifetime subscription to Document 365 Lite gifts us powerful document control for $69.97, $230 off the $299 MSRP, but only until the end of Halloween!
- BleepingComputer Deals
- October 28, 2023
- 08:19 AM
- 0
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware

The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer.
- Bill Toulas
- October 27, 2023
- 12:15 PM
- 0