While consumers may be looking to scam retailers as the cost of living crisis deepens, cyber criminals are also on the rampage through the sector, with a range of automated threats – from account takeover, credit card fraud, web scraping, API abuses, Grinch bots and distributed denial of service (DDoS) attacks – all becoming a persistent challenge for the eCommerce industry, threatening online sales and customer satisfaction.

What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.

Ad goliath reckons complaint is meritless – but it would, wouldn't it?

Google's journey toward Chrome's "Manifest V3" has been happening for four years now, and if the company's new timeline holds up, we'll all be forced to switch to it in year 5. "Manifest V3" is the rather unintuitive name for the next version of Chrome's extension platform. The update is controversial because it makes ad blockers less effective under the guise of protecting privacy and security, and Google just so happens to be the world's largest advertising company.

Cloudflare is testing a new kind of CAPTCHA that tests your browser instead of you. The company calls it Turnstile, and it’s designed to spare us from performing those mundane click-the-traffic-light kinds of tasks to verify you’re a human and not a bot.

Mozilla reaffirmed this week that the Firefox web browser will continue to support an essential Manifest v2 API that content blockers use.

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The flaw affects the desktop app for Windows, Mac and Linux built using Microsoft's Electron framework. Microsoft is aware of the issue but said it has no plans for a fix anytime soon, since an exploit would also require network access.

Apple has released security updates to address the eighth zero-day vulnerability used in attacks against iPhones and Macs since the start of the year.

Agroup of security researchers have hacked a decommissioned communications satellite, called Anik F1R, originally shot into orbit in 2005. Embedded device security researcher Karl Koscher and his colleagues demonstrated that malicious hackers could potentially communicate with satellites that have been decommissioned but not yet moved into their final resting place — their “graveyard orbit.”

SpaceX congratulated a researcher who said he hacked into Starlink using a $25 homemade device as part of the company's bug bounty program.

Russian President Vladimir Putin has told North Korea’s leader Kim Jong Un that he wishes to expand ties between Moscow and Pyongyang, according to state media. North Korea’s KCNA news agency said on Monday that Putin sent a letter to Kim on the 77th anniversary of the end of Japan’s occupation of the Korean peninsula, saying closer ties would be in the interest of both of their countries.

A college student fell victim to a Snapchat sextortion scheme. With a friend's help, she 'hacked back' and sent him to jail.

IMAGINE IF A budding identity thief had a free, user-friendly, publicly searchable database that contained the name, location, date of birth, and mother’s maiden name of millions of people. Enter Amazon registries. We already know that Amazon collects plenty of personal information and data that can be arduous for its users to obtain, but the company also readily shares your information for anyone to access when you set up a registry.

The boss of WhatsApp says it will not "lower the security" of its messenger service. If asked by the government to weaken encryption, it would be "very foolish" to accept, Will Cathcart told the BBC. Government plans to detect child sex-abuse images include the possible scanning of private messages.

THE WEBSITES YOU visit can reveal (almost) everything about you. If you are looking up health information, reading about trade unions, or researching details around certain types of crime, then you can potentially give away a huge amount of detail about yourself that a malicious actor could use against you. Researchers this week have detailed a new attack, using the web’s basic functions, that can unmask anonymous users online. The hack uses common web browser features—included in every major browser—and CPU functions to analyze whether you’re logged in to services such as Twitter or Facebook and subsequently identify you.

The Canadian town of St. Marys had its data stolen and held hostage by a ransomware gang.

Most Android users keep their phone's Bluetooth turned on 24/7, but you may want to reconsider doing that due to the possible security risks.

A Thai minister has admitted the country uses surveillance software to track individuals in cases involving national security or drugs, amid revelations that government critics' phones had been hacked using the Israeli-made Pegasus spyware.

The assassination of former Prime Minister Shinzo Abe has sent shudders through low-crime, orderly Japan

New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest.