{"id":35736,"date":"2026-04-12T15:54:58","date_gmt":"2026-04-12T22:54:58","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=35736"},"modified":"2026-04-12T15:54:58","modified_gmt":"2026-04-12T22:54:58","slug":"sb-2026-04-12","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2026\/04\/sb-2026-04-12\/","title":{"rendered":"Security Bits \u2014 12 April 2026"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 A good analysis of the US router ban that had just broken last time: <a href=\"https:\/\/www.theverge.com\/tech\/899906\/fcc-router-ban-march-2026-explainer\">The United States router ban, explained \u2014 www.theverge.com\/\u2026<\/a><\/li>\n<li>Reported as a Probably Breach last time: <a href=\"https:\/\/cyberinsider.com\/1-2-million-crunchyroll-users-confirmed-impacted-by-data-breach\/\">1.2 million Crunchyroll users confirmed impacted by data breach \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Following from the recent story that the iPhone 17 is the first commercial smart phone approved for handling NATO secrets, Apple have shared that they have found zero examples of an iPhone in lockdown mode being successfully compromised \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/26\/03\/27\/apple-claims-a-100-protection-rate-with-iphone-lockdown-mode\">appleinsider.com\/\u2026<\/a><\/li>\n<li>We discussed AirSnitch when it was revealed in February, and said it would take time for the industry to respond, we now have a significant response:  <a href=\"https:\/\/cyberinsider.com\/d-link-releases-security-fixes-to-address-airsnitch-wi-fi-attack-threat\/\">D-Link releases security fixes to address AirSnitch Wi-Fi attack threat \u2014 cyberinsider.com\/\u2026<\/a> <\/li>\n<li>\ud83c\uddea\ud83c\uddfa Attempts by some in the EU to break End-to-End Encryption have taken a big hit: <a href=\"https:\/\/cyberinsider.com\/eu-votes-to-block-extension-of-rules-allowing-private-message-scanning\/\">EU votes to block extension of rules allowing private message scanning \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li><strong>Context:<\/strong> <\/li>\n<li>The EU Commission and some countries have been trying to pass <em>Chat Control<\/em> for many years. This would force CSAM scanning and make End-to-End Encryption illegal.<\/li>\n<li>So far, all attempts to pass the bill have failed<\/li>\n<li>A <em>temporary<\/em> compromise was agreed upon that would <strong>allow<\/strong> tech companies to <strong>choose<\/strong> to break encryption to scan for CSAM by granting a time-limited exception to the GDPR (privacy regulation)<\/li>\n<li>This vote was intended to simply kick the can further down the road to allow more time to get <em>Chat Control<\/em> passed, but it failed!<\/li>\n<li>As of April 3, 2026, all companies continuing to voluntarily scan private messages for CSAM are probably breaching the GDPR, but they are continuing to do so \u2014 <a href=\"https:\/\/www.politico.eu\/article\/tech-firms-enter-legal-limbo-over-child-abuse-scanning\/\">www.politico.eu\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/google-fixes-actively-exploited-chrome-zero-day-flaw-update-now\/\">Google fixes actively exploited Chrome zero-day flaw, update now \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/ios-26-4-fixes-over-35-security-issues-on-iphones\/\">iOS 26.4 Fixes over 35 Security Issues on iPhones \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/ios-18-7-7-and-ipados-18-7-7-now-available-for-older-iphones-and-ipads\/\">iOS 18.7.7 and iPadOS 18.7.7 Now Available for Older iPhones and iPads \u2014 www.macobserver.com\/\u2026<\/a>\n<ul>\n<li>Addresses the vulnerabilities used in the recently revealed <em>DarkSword<\/em> exploit chain<\/li>\n<li>Apple was initially withholding these patches from devices that could upgrade to iOS 26 but had not done so, but have now reversed that stance \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/26\/04\/01\/patch-to-protect-ios-18-holdouts-from-darksword-is-out\">appleinsider.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/thehackernews.com\/2026\/03\/apple-sends-lock-screen-alerts-to.html\">Apple Sends Lock Screen Alerts To \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Adobe Reader Users:<\/strong> <a href=\"https:\/\/thehackernews.com\/2026\/04\/adobe-patches-actively-exploited.html\">Adobe Patches Actively Exploited Acrobat Reader Flaw \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Samsung Galaxy S25 Owners:<\/strong> <a href=\"https:\/\/cyberinsider.com\/samsung-galaxy-s25-ships-browser-vulnerable-to-rce-and-xss-attacks\/\">Samsung Galaxy S25 ships browser vulnerable to RCE and XSS attacks \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li>No fix yet, so change your default browser to Chrome or Firefox ASAP!<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>TP-Link Archer NX Owners:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/tp-link-warns-users-to-patch-critical-router-auth-bypass-flaw\/\">TP-Link warns users to patch critical router auth bypass flaw \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>GIGABYTE Laptop &amp; Motherboard Owners:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/gigabyte-control-center-vulnerable-to-arbitrary-file-write-flaw\/\">GIGABYTE Control Center vulnerable to arbitrary file write flaw \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>A timely reminder that you <strong>must<\/strong> keep your Android device patched: <a href=\"https:\/\/cyberinsider.com\/android-rootkit-novoice-infects-2-3-million-devices-via-google-play-apps\/\">Android rootkit NoVoice infects 2.3 million devices via Google Play apps \u2014 cyberinsider.com\/\u2026<\/a> (No zero-days being used, just long-patched bugs in un-patched devices, some as old as 2016, none newer than 2021!)<\/li>\n<li><strong>Related:<\/strong>\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/apple-issues-emergency-xprotect-update-for-sequoia-and-tahoe-macs\/\">Apple Issues Emergency XProtect Update for Sequoia and Tahoe Macs \u2014 www.macobserver.com\/\u2026<\/a> (These happen silently &amp; automatically, so no action required!)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-now-force-upgrades-unmanaged-windows-11-24h2-pcs\/\">Microsoft now force upgrades unmanaged Windows 11 24H2 PCs \u2014 www.bleepingcomputer.com\/\u2026<\/a> (<em>Unmanaged<\/em> means not under Mobile Device Management)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>\u26a0\ufe0f \ud83c\uddfa\ud83c\uddf8 <strong>US Residents:<\/strong>  <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/us-warns-of-iranian-hackers-targeting-critical-infrastructure\/\">US warns of Iranian hackers targeting critical infrastructure \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>Seriously consider keeping a few days of emergency supplies on hand \ud83d\ude41<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Mac Users:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-macos-stealer-campaign-uses-script-editor-in-clickfix-attack\/\">New macOS stealer campaign uses Script Editor in ClickFix attack \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/apple-adds-macos-terminal-warning-to-block-clickfix-attacks\/\">Apple adds macOS Terminal warning to block ClickFix attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Windows Users:<\/strong> <a href=\"https:\/\/thehackernews.com\/2026\/04\/microsoft-warns-of-whatsapp-delivered.html\">Microsoft Warns of Whatsapp Delivered \u2014 thehackernews.com\/\u2026<\/a>\n<ul>\n<li>Don&#8217;t be socially engineered into running VBS files!<\/li>\n<\/ul>\n<\/li>\n<li>A timely reminder that many Google ads remain malicious, and, that Mac users are being targeted: <a href=\"https:\/\/appleinsider.com\/articles\/26\/03\/30\/that-top-google-result-for-homebrew-could-infect-your-mac\">That Top Google Result for &#8216;Homebrew&#8217; Could Infect Your Mac \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 A reminder of why we need to be careful: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-americans-lost-a-record-21-billion-to-cybercrime-last-year\/\">FBI: Americans lost a record $21 billion to cybercrime last year \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Perplexity Users:<\/strong> <a href=\"https:\/\/arstechnica.com\/tech-policy\/2026\/04\/perplexitys-incognito-mode-is-a-sham-lawsuit-says\/\">Perplexity\u2019s \u201cIncognito Mode\u201d is a \u201csham,\u201d lawsuit says \u2014 arstechnica.com\/\u2026<\/a>\n<ul>\n<li>This appears to have been verified technologically \ud83d\ude41<\/li>\n<\/ul>\n<\/li>\n<li>\u2139\ufe0f <strong>LinkedIn Users:<\/strong> there is a war-of-words between a company previously banned from LinkedIn for data scraping, and Microsoft, with the former claiming Microsoft is illegally spying on users, and Microsoft claiming they are protecting their services from abuse \u2013 court documents have been filed, but right now it&#8217;s a <em>he-said-she-said<\/em> more than anything else, so make up your own mind, or just monitor \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/linkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data\/\">www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><strong>Editorial by Bart:<\/strong> My gut feeling is there is probably a little truth on both sides, with the scanning definitely starting benignly, but I suspect some managers somewhere saw the power of the technique and instructed more plugins be monitored for, which is legal in the US where there are no privacy protections, but illegal in the EU.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/cyberinsider.com\/us-jury-orders-meta-to-pay-375-million-over-child-safety-failures\/\">US jury orders Meta to pay $375 million over child safety failures \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li><strong>Insightful Analysis:<\/strong> <a href=\"https:\/\/om.co\/2026\/03\/25\/metas-may-day\/\">Meta\u2019s Moment of Reckoning \u2014 om.co\/\u2026<\/a> (<em>\u201cBut here is where the parallel gets uncomfortable. Tobacco did not go away. It became Juul.\u201d<\/em> \u2014 Om Malik)<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8\ud83e\uddef Court documents have shown that when presented with appropriate court orders, Apple will map anonymised <em>Hide my Email<\/em> addresses to Apple IDs \u2014 <a href=\"https:\/\/cyberinsider.com\/apple-revealed-hide-my-email-user-identity-in-fbi-investigation\/\">cyberinsider.com\/\u2026<\/a>\n<ul>\n<li><strong>Editorial by Bart:<\/strong> This seems to have surprised some, but I can&#8217;t understand why \u2014 Apple have always, and will always, comply with court orders.<\/li>\n<li>It is utterly impossible for Apple not to know which users match to which address, otherwise, there would be no way for the email to arrive in the right inbox!<\/li>\n<li>Hide My Email is a tool for protecting you from app owners and website owners, nothing less, but also nothing more.<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/cyberinsider.com\/fbi-retrieved-deleted-signal-messages-from-iphone-notification-database\/\">FBI retrieved deleted Signal messages from iPhone notification database \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li>Only possible because the FBI had full access to the phone<\/li>\n<li>Not a breach of Signal, literally read the notifications out of the OS, which needs to know them to show them!<\/li>\n<li><strong>Editorial by Bart:<\/strong> Again, nothing shocking or scandalous here, this is just normal OS forensics!<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddec\ud83c\udde7 <a href=\"https:\/\/www.macobserver.com\/news\/apple-now-requires-age-verification-in-the-uk-with-ios-26-4-update\/\">Apple Now Requires Age Verification in the UK with iOS 26.4 Update \u2014 www.macobserver.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/apple-age-verification-is-failing-for-some-here-is-what-to-try\/\">Apple Age Verification is Failing for some: Here is What to Try \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddf8\ud83c\uddec \ud83c\uddf0\ud83c\uddf7 Also rolled out in Singapore &amp; South Korea \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/apple-age-verification-now-required-in-more-regions\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Microsoft&#8217;s rollout of tighter security for code signing Windows drivers has hit an unexpected snag, with some major open-source projects un-intentionally losing their keys, most notably WireGuard &amp; VeraCrypt \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects\/\">www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>Until this is resolved, the developers can&#8217;t release any updates, so it needs to be fixed before any critical vulnerabilities are found.<\/li>\n<li>A quick resolution looks likely  with Microsoft appearing to respond constructively \u2014 <em>&#8220;We&#8217;re taking this as an opportunity to review how we communicate changes like this and make sure we&#8217;re doing it better&#8221;<\/em><\/li>\n<li><strong>Editorial by Bart:<\/strong> I see no sign of malice, and the intentions behind the change are definitely for the good of Windows security (compromised code signing keys are used to digitally sign a lot of malware these days)<\/li>\n<\/ul>\n<\/li>\n<li><em>RowHammer<\/em> attacks migrate from RAM to graphics memory, and there is a genuinely dangerous proof of concept \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-gpubreach-attack-enables-system-takeover-via-gpu-rowhammer\/\">www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>The specific attack can probably be fixed with a driver update from NVIDIA, and there is a work-around that cloud providers can use for now<\/li>\n<li>As with all RowHammer-like attacks, the real risk is on shared systems, not single-user systems like home systems<\/li>\n<li>An interesting side-effect of Apple&#8217;s unified memory architecture is that Macs don&#8217;t have to worry about this attack, since there is no graphics memory (and Apple are addressing regular RowHammer like the rest of the industry is).<\/li>\n<li>Longer-term, chip makers will need to revise their hardware to take account of this new technique<\/li>\n<\/ul>\n<\/li>\n<li>Anthopic&#8217;s latest <em>Mythos<\/em> model is apparently so good at finding vulnerabilities that they are giving major tech companies advanced access so they can fix bugs before the model is released publicly \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/anthropic-launches-mythos-ai-security-effort-with-apple-and-other-tech-giants\/\">www.macobserver.com\/\u2026<\/a> (<strong>Editorial by Bart:<\/strong> seems to be both good marketing and a genuine reflection of the model&#8217;s power)<\/li>\n<li>More major vendors are transparently submitting their services to audits:\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/independent-audit-confirms-cloudflares-1-1-1-1-resolver-privacy-claims\/\">Independent audit confirms Cloudflare\u2019s 1.1.1.1 resolver privacy claims \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/malwarebytes-vpns-audit-uncovers-critical-flaws-fixes-underway\/\">Malwarebytes VPNs audit uncovers critical flaws, fixes underway \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li><em>\u201cMalwarebytes has completed the first independent security audit of its Privacy VPN infrastructure, revealing a generally strong security posture alongside critical vulnerabilities that are fixed or in the process of remediation.\u201d<\/em><\/li>\n<li>This was an extremely harsh audit \u2014 the starting assumption was that attackers were already in the network!<\/li>\n<li>None of the bugs still being worked on are show-stoppers that users need to worry about in the short-term<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/whatsapp-private-inference-pre-launch-audit-uncovered-critical-flaws\/\">WhatsApp \u2018Private Inference\u2019 pre-launch audit uncovered critical flaws \u2014 cyberinsider.com\/\u2026<\/a> (and the flaws were fixed <strong>before<\/strong> launch!)<\/li>\n<\/ul>\n<\/li>\n<li>Some nice product updates:\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/chrome-rolls-out-hardware-bound-session-protection-to-combat-infostealer-malware\/\">Chrome rolls out hardware-bound session protection to combat infostealer malware \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Windows-only for now<\/li>\n<li>An excellent protection against session hijacking \u2014 excellent use of TPMs (Windows Trusted Platform Module)<\/li>\n<li>Nice new features for Google <strong>enterprise users<\/strong>:<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/google\/google-rolls-out-gmail-end-to-end-encryption-on-mobile-devices\/\">Google rolls out Gmail end-to-end encryption on mobile devices \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-drive-ransomware-detection-now-on-by-default-for-paying-users\/\">Google Drive ransomware detection now on by default for paying users \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/proton-unveils-privacy-focused-video-conferencing-service-meet\/\">Proton unveils privacy-focused video conferencing service Meet \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Have-I-Been-Pwned have announced major new features and simplifications of their paid plans, mostly for enterprise users, but one new feature is very welcome to home users \u2014 passkey support on the control panel \u2014 <a href=\"https:\/\/www.troyhunt.com\/passkeys-k-anonymity-searches-massive-speed-enhancements-bulk-domain-verification-api\/\">www.troyhunt.com\/\u2026<\/a>\ud83c\udf89<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li>\ud83d\udccc <a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-security-guide\/\">Mac Security Guide: Threats, Tips, and Protection \u2014 www.intego.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Bart:<\/strong> \ud83c\udfa6 <a href=\"https:\/\/apod.nasa.gov\/apod\/ap260406.html\">NASA Astronomy Picture of the Day for 6 April 2026: The Path of Artemis II \u2014 apod.nasa.gov\/\u2026<\/a>\n<ul>\n<li>The ultimate example of <em>&#8216;skating to where the puck is going to be&#8217;<\/em>!<\/li>\n<\/ul>\n<\/li>\n<li><strong>From Allison<\/strong>\n<ul>\n<li>\ud83c\udfa6 <a href=\"https:\/\/www.youtube.com\/watch?v=PNQ7MoL7erI\">Apollo 8, Artemis 1 &amp; 2 Orbit Comparison TheOverviewEffekt<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=bKw-m5kMBRg\">Steve Sheridan interviews Trey Cate from NASA about Space Launch System (in 2016)<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=XVjwrAsC1N0&#038;t=8s\">Steve interviews Jared Daum, NASA engineer who worked on the parachutes for the Orion mission (2018)<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Gives Bart even more appreciation for the amazing human computers from the <em>Hidden Figures<\/em> movie (<a href=\"https:\/\/en.wikipedia.org\/wiki\/Hidden_Figures\">Find out more \u2014 en.wikipedia.org\/\u2026<\/a>)<\/li>\n<li>\ud83d\udcca  <strong>Related:<\/strong> Allister Jenks shared this very apt cartoon with the star of <em>Hidden Figures<\/em> as the protagonist: <a href=\"https:\/\/kind.social\/@azteclady\/116383456723452854\">@azteclady@kind.social on Mastodon: &#8220;#JoyScrolling #ArtemisII #HiddenFigures #Celebrat\u2026&#8221;<\/a><\/li>\n<li><strong>From Bart:<\/strong>\n<ul>\n<li>\ud83d\udcca <a href=\"https:\/\/xkcd.com\/3228\/\">XKCD 3228: Day Counter<\/a><br \/>\n<img decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/day_counter.png\" alt=\"A line-drawing of a sign in an office reading &quot;It has been -0.00000000000000044 days since our last floating point error&quot;\" title=\"It has been \u22122,147,483,648 days since our last integer overflow.\" \/><\/li>\n<li>\ud83c\udfa7 The Sci-Fi &amp; fantasy podcast <em>Imaginary Worlds<\/em> celebrated 300 episodes, and asked fans to support the show by sharing with friends \u2013 if the tag line <em>&#8220;how we create them &amp; why we suspend our disbelief&#8221;<\/em> sounds intriguing, you&#8217;ll love this show \u2014 <a href=\"https:\/\/www.imaginaryworldspodcast.org\/\">www.imaginaryworldspodcast.org\/\u2026<\/a> <\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to, when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. \ud83c\uddfa\ud83c\uddf8 A good analysis of the US router ban that had just broken last time: The United States router ban, explained \u2014 www.theverge.com\/\u2026 Reported as a Probably Breach last time: 1.2 million Crunchyroll users [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[2060,50,569,2003],"class_list":["post-35736","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-malware","tag-security","tag-security-bits","tag-vulnerabilities"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35736","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=35736"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35736\/revisions"}],"predecessor-version":[{"id":35738,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35736\/revisions\/35738"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=35736"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=35736"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=35736"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}