In the month of April, I found a zero-day in Sign in with Apple that affected third-party applications which were using it and didn’t implement their own additional security measures. This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid… Read More


Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 Samsung patched this month a critical bug discovered by Google security researchers. South Korean smartphone vendor Samsung released this week a security update to fix a critical vulnerability impacting all smartphones sold since 2014. The security flaw resides in how the Android OS flavor running… Read More


Last November, software developers Lenny Bakkalian and David Albert discovered two loopholes in the German McDonald’s system which allowed them to order an endless supply of free food. Recently, I met the two Hamburglars and their colleague Mats Tesch at an East Berlin McDonald’s so they could show me how they did it. McDonald’s receipts… Read More


10.6 million people who had stayed at MGM Resorts have had their personal data published on a hacking forum, it was revealed this week. It is thought that the recent breach stems from an earlier incident which occurred last year, whereby unauthorised actors were able to access MGM’s internal cloud and therefore the personal information… Read More