Passwordstate password manager hacked in supply chain attack

Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over Read More …

Australia cyber attacks hit television channel and parliament

A cyber attack has disrupted Channel Nine’s live broadcasts from Sydney, the TV company has confirmed, at the same time as an attack led to Parliament House’s email system being taken offline. As a result of the attack, the channel’s Read More …

Zero-click iOS zero-day found deployed against Al Jazeera employees

At least 36 Al Jazeera journalists, producers, anchors, and executives, along with a journalist at London-based Al Araby TV, had their iPhones hacked using a no-user-interaction zero-day vulnerability in the iOS iMessage app, an academic research group said today. Citizen Read More …

Lawsuits threaten infosec research — just when we need it most

This year, two security reporters and one researcher will fight for their professional lives in court. Steve Ragan, senior staff writer at tech news site CSO, and Dan Goodin, security editor at Ars Technica, were last year named defendants in two separate Read More …