Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Notepad++ boosts update security with ‘double-lock’ mechanism — www.bleepingcomputer.com/… (Following the embarrassing compromise of their update infrastructure that required all users to do a manual upgrade late last year) 🇬🇧 A little movement on […]
Continue readingCategory: Security Bits
Security Bits – 15 February 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Both a good reminder that it’s important to be careful where you get your software from, and an illustration of how the residential proxy networks we recently talked about are built: Laced 7-Zip installers […]
Continue readingSecurity Bits — 1 February 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A timely reminder both that malicious ads remain a big problem, and that Mac users are not immune to malware: Mac malware is sneaking into some sponsored Google ads — appleinsider.com/… Deep Dive — […]
Continue readingSecurity Bits — 18 January 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Some context for a story we covered many times in 2025: Amazon blocked 1,800 employment attempts by North Korean agents — cyberinsider.com/… Yet another reason to steer clear of VS Code forks: VSCode IDE […]
Continue readingSecurity Bits — 18 December 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Yet another real-world example of the dangers of poor secret hygiene: Over 10,000 Docker Hub images found leaking credentials, auth keys — www.bleepingcomputer.com/… 🇬🇧 UK fines LastPass £1.2M over 2022 data breach impacting 1.6 […]
Continue readingSecurity Bits — 6 December 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A good example of why Bart has been going on and on about secret management in recent conversations with Allison: Massive GitLab scan finds 17,000+ valid secrets in public repositories — cyberinsider.com/… A nice […]
Continue readingSecurity Bits — 23 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Google backpedals on new Android developer registration rules — www.bleepingcomputer.com/… (Android is not becoming quite as Apple-like after all — better for Linux geeks, worse for regular folks) Deep Dive — that Cloudflare Outage […]
Continue readingSecurity Bits — 9 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. More evidence of the dangers of Agentic Browsers: ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands — thehackernews.com/… Related Article: Be Cautious with Agentic Web Browsers — tidbits.com/… (by […]
Continue readingSecurity Bits — 26 October 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 US Court Blocks Spyware Vendor NSO Group from Targeting WhatsApp Users — cyberinsider.com/… (Maybe their recent change to US ownership will give this injunction more teeth!) Update on the Tea app which suffered […]
Continue readingSecurity Bits — 12 October 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Another interesting twist in the NSO Group Saga: Spyware maker NSO Group confirms acquisition by US investors — techcrunch.com/… (via Allison) ❗ Action Alerts Calls to action, if any stories in this section are […]
Continue reading