Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A timely reminder to keep your routers patched and to bin un-supported models via listener BG in the Podfeet Slack: 14,000 routers are infected by malware that’s highly resistant to takedowns — arstechnica.com/… (ASUS […]
Continue readingAuthor: Bart Busschots
Security Bits — 1 March 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Notepad++ boosts update security with ‘double-lock’ mechanism — www.bleepingcomputer.com/… (Following the embarrassing compromise of their update infrastructure that required all users to do a manual upgrade late last year) 🇬🇧 A little movement on […]
Continue readingSecurity Bits – 15 February 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Both a good reminder that it’s important to be careful where you get your software from, and an illustration of how the residential proxy networks we recently talked about are built: Laced 7-Zip installers […]
Continue readingSecurity Bits — 1 February 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A timely reminder both that malicious ads remain a big problem, and that Mac users are not immune to malware: Mac malware is sneaking into some sponsored Google ads — appleinsider.com/… Deep Dive — […]
Continue readingSecurity Bits — 18 January 2026
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Some context for a story we covered many times in 2025: Amazon blocked 1,800 employment attempts by North Korean agents — cyberinsider.com/… Yet another reason to steer clear of VS Code forks: VSCode IDE […]
Continue readingSecurity Bits — 18 December 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Yet another real-world example of the dangers of poor secret hygiene: Over 10,000 Docker Hub images found leaking credentials, auth keys — www.bleepingcomputer.com/… 🇬🇧 UK fines LastPass £1.2M over 2022 data breach impacting 1.6 […]
Continue readingSecurity Bits — 6 December 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A good example of why Bart has been going on and on about secret management in recent conversations with Allison: Massive GitLab scan finds 17,000+ valid secrets in public repositories — cyberinsider.com/… A nice […]
Continue reading
Embracing AI While Retaining My Privacy — by Bart Busschots
Rather like with the smart home, when it comes to AI, I’ve taken the second wave approach — I let the early adopters get well and truly burned, and give the developers a chance to make a meaningful start at fixing the biggest problems, before slowly dipping my toe in. Compared to non-geeks, I’m still […]
Continue readingSecurity Bits — 23 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Google backpedals on new Android developer registration rules — www.bleepingcomputer.com/… (Android is not becoming quite as Apple-like after all — better for Linux geeks, worse for regular folks) Deep Dive — that Cloudflare Outage […]
Continue readingSecurity Bits — 9 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. More evidence of the dangers of Agentic Browsers: ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands — thehackernews.com/… Related Article: Be Cautious with Agentic Web Browsers — tidbits.com/… (by […]
Continue reading