- — How a USB-connected speaker can infect a PC without ever being touched
![[*]](img/ib-star_nm.png "mark favorite")
![[-]](img/ib-mark_nm.png "mark as read")
![[-]](img/ib-markold_nm.png "mark older as read")
![[x]](img/ib-delete_nm.png "delete article")
![[A+]](img/ib-fontbg_nm.png "larger font")
![[a-]](img/ib-fontsm_nm.png "smaller font")
![[l]](img/ib-link_nm.png "direct link")
at 6/5/26 3:00pmSeller of the Sound Blaster Katana V2X doesn't consider the behavior a vulnerability.- — Dashlane explains how attackers managed to download encrypted password vaults
-
![[+]](img/ib-marked_nm.png "mark as new")
at 6/4/26 2:02pmBy targeting large numbers of users, attackers increased their chances of success. - — Can't make sense of Dashlane's vault theft notification? You're not alone.
- at 6/3/26 1:53pmSecurity advisory leaves out key details. Dashlane maintains complete silence.
- — Dozens of Red Hat packages backdoored through its official NPM channel
- at 6/1/26 1:49pmAnyone who has downloaded affected Red Hat packages should investigate immediately.
- — Botnet of more than 17 million devices dismantled
- at 5/29/26 12:46pmThe botnet was reportedly tied to a Russia-based residential proxy network.
- — Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
- at 5/28/26 2:29pmUndisclosed addition in jqwik instructed AI coding agents to delete app output.
- — Websites have a new way to spy on visitors: Analyzing their SSD activity
- at 5/27/26 2:56pmTelltale SSD activity can be measured in the browser using simple JavaScript.
- — Millions of AI agents imperiled by critical vulnerability in open source package
- at 5/26/26 1:50pm"BadHost" was found in Starlette, a package with 325 million weekly downloads.
- — US's big bet on quantum computing may not be entirely legal
- at 5/25/26 6:00amDeal also launched the first quantum foundry company, but is there a need for it?
- — Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption
- at 5/22/26 12:13pmCritics note a lack of factual support in lawsuit filed by US Senate candidate.
- — A hacker group is poisoning open source code at an unprecedented scale
- at 5/22/26 4:30amGitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.
- — US government takes $2 billion equity stake in nine quantum computing firms
- at 5/21/26 7:48amBeneficiaries include startup backed by firm with links to the Trump family.
- — Google publishes exploit code threatening millions of Chromium users
- at 5/20/26 1:10pmGoogle publishes exploit code before patch, reported 42 months earlier, is fixed.
- — In stunning display of stupid, secret CISA credentials found in public GitHub repo
- at 5/19/26 12:27pmSSH keys, plaintext passwords, other sensitive data had been up since November 2025.
- — Zero-day exploit completely defeats default Windows 11 BitLocker protections
- at 5/14/26 12:32pmIt's not entirely clear how the exploit works. Microsoft says it's investigating.
- — Cisco announces record revenue and 4,000 layoffs in the same day
- at 5/14/26 10:47amLayoffs are "not a savings-driven restructure," CFO says.
- — Linux bitten by second severe vulnerability in as many weeks
- at 5/11/26 4:28pmProduction-version patches are coming online and should be installed pronto.
- — Chaos erupts as cyberattack disrupts learning platform Canvas amid finals
- at 5/8/26 12:33pmAcross the country, schools and colleges postpone year-end tests.
- — Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
- at 5/7/26 1:18pmThe developer of Firefox says it has "completely bought in" on AI-assisted bug discovery.
- — Ars Asks: Share your shell and show us your tricked-out terminals!
- at 5/6/26 7:32amA celebration of the tweaks and customizations that make life easier at the CLI.
As of 6/5/26 8:04pm. Last new 6/5/26 5:40pm.
- Next feed in category: Wired