Weirdo Twitter messages were a glitch, not a hack

Were you one of the dozens of people who got a bizarre Twitter message yesterday? It's OK. It wasn't a disturbance in the Matrix.

Serious SSH bug lets crooks log in just by asking nicely…

A serious bug in libssh could allow crooks to connect to your server - with no password requested or required. Here's what you need to know.

New iPhone lock screen bypass exposes your photos

José Rodríguez has demonstrated how an attacker with physical access to a device running iOS 12.0.1 can gain access to photos stored on it.

Is this the simple solution to password re-use?

Researchers concluded that passphrase requirements such as a 15-character minimum length deter the majority users from reusing them on other sites.

35 million US voter records up for sale on the dark web

He or she is selling off the databases by state. Kansas's voter database has already been sold and published, and Oregon is next up for sale.

Donald Daters app for pro-Trump singles exposes users’ data at launch

A security researcher found a publicly exposed Firebase data repository that was hardcoded in the dating app.

US embassy accidentally emails invitation to ‘cat pyjama-jam’ meeting

Canberra’s US embassy accidentally exposed details of one of its more enticing get-togethers last week, featuring a cat in a Cookie Monster outfit.

How Chrome and Firefox could ruin your online business this month

Last year, Symantec sold off its web certificate business. The new owners are reissuing certs for free - but there's a deadline looming!

Google using lock screen passwords to encrypt Android Cloud backups

If, that is, your phone has updated to the Android 9 operating system, otherwise known as Pie. If so, say hi to the Titan chip!

How to buy (and set up) a safe and secure baby monitor

Wi-Fi enabled or not? Digital or analog? Here are the features to look for, and how to secure your baby monitor out of the box.

iOS 12.0.1 Security Bug Workaround (O_o)

Facebook opens up about data breach details

Two weeks after Facebook's first serious data breach, and the social network has shared what it has figured out so far.

Beware sextortionists spoofing your own email address

In the past, they've pretended to have your passwords - now they're pretending to send email from your "hacked" account, too.

Literary-minded phishers are trying to pilfer publishers’ manuscripts

In a twist on Business Email Compromise, they're spoofing literary agents and going after manuscripts at Penguin Random House and Pan Macmillan.

Monday review – the hot 23 stories of the week

From the WhatsApp hack to the world's most expensive USB stick, and everything in between. Catch up with everything we've written in the last 7 days - it's weekly roundup time.

What Kanye West can teach us about passcodes

Pulling out an iPhone XS to show the assembled throng a picture of the hydrogen-powered aircraft that “our president should be flying in,” West casually unlocked it using the passcode ‘000000’.

35 state attorney generals tell FCC to pull the plug on robocalls

The AGs want the FCC to adopt SHAKEN and STIR.

Experian credit-freeze PINs could be revealed by a simple trick

The credit bureaus' struggles with PINs continue...

Payment skimmers sneaking on to websites via third party code

Whatever Magecart is, it’s been blamed for several high-profile payment card breaches this summer.

Instagram tests sharing your location history with Facebook

Instagram is testing Facebook Location History - which allows the tracking of precise locations from your device - in its app.

Millions at risk from default webcam passwords

Hangzhou Xiongmai Technology Co.,Ltd (Xiongmai), the Chinese manufacturer that made many of the devices left vulnerable to Mirai, is back with another vulnerability that puts millions of devices across the world at risk yet again.