Apple has issued security updates for multiple version of macOS on Wednesday. Among other flaws, it fixes the sudo flaw known as Baron Samedit.
Mophie Releases Wireless Charging Stand+ With Soft Fabric
This week mophie released a new product called wireless charging stand+. It lets you charge three device at once.
EU Privacy Watchdog Backs Safeguards And Curbs on Tech Giants
The EU’s privacy watchdog backed attempts to limit some of the power currently enjoyed by big tech firms and proposed additional measures.
35 Companies Including Apple Hacked in Supply Chain Attack
Security researcher Alex Birsan was able to breach over 35 companies’ internal systems, including Apple, Microsoft, PayPal, Spotify, Netflix, and others. He did this through bug bounty programs and pre-approved penetration testing arrangements (aka, he’s one of the good guys). He earned over US$100,000 in bounties.
The attack comprised uploading malware to open source repositories including PyPI, npm, and RubyGems, which then got distributed downstream automatically into the company’s internal applications.
Unlike traditional typosquatting attacks that rely on social engineering tactics or the victim misspelling a package name, this particular supply chain attack is more sophisticated as it needed no action by the victim, who automatically received the malicious packages.
BioLite Introduces its Charge PD Powerbank Series
BioLite has released a line of powerbank chargers called Charge PD. There are three products in this series and each one has a different battery capacity.
Apple Apologizes For Mistakenly Removing Student’s Indigenous Language App from App Store
Student, Brendan Eshom, a member of the Gitga’at community of the Ts’msyen First Nation, launched an app that shared his community’s culture and promoted a word each day in its language – Sm’algyax. However, it was removed and the young developer tried to contact Apple to found out. He got no answers, but the company has confirmed to Global News that it was taken down in error, has been reinstated, and apologized.
He says he reached out to Apple multiple times for an explanation, but couldn’t get answers. “It was definitely more discouraging to not even hear why they took it down in the first place,” he said. Eshom contacted Consumer Matters for help. Consumer Matters contacted Apple asking why the app had been removed and why Eshom’s status on Apple had been terminated. In an email, Apple stated: “Maintaining the integrity of the App Store is a responsibility we take seriously to ensure the safety of our customers, and give every developer a platform to share their brightest ideas with the world. Unfortunately, this developer’s app, which is a great example of how technology can be used to bridge cultural understanding, was mistakenly removed from the App Store
macOS Big Sur 11.2.1 With MacBook Pro Charging Fix Now Available
macOS Big Sur 11.2.1 is out and addresses battery charging issues suffered by users with a 2016 or 2017 MacBook Pro.
AirBuddy 2 - Connect AirPods to Your Mac with One Click: $8.99
We have a deal on AirBuddy 2, a Mac utility that lets you connect your AirPods to your Mac with a single click. With AirBuddy, you can also open your AirPods case next to your Mac and see the current status right away, just like it works on your iPhone or iPad. It’s $8.99 through our deal.
Hackers Tried to Poison Florida Town’s Water Supply
Most security news I’ve shared involves purely digital hacking. This story from Reuters is a case of using hacking to affect the physical world, like an attempt to poison a town’s water supply.
The hackers then increased the amount of sodium hydroxide, also known as lye, being distributed into the water supply. The chemical is typically used in small amounts to control the acidity of water, but at higher levels is dangerous to consume.
Oldsmar Mayor Eric Seidel said in a press conference on Monday that the affected water treatment facility also had other controls in place that would have prevented a dangerous amount of lye from entering the water supply unnoticed.
Spotify Finally Testing Live Lyrics Feature in U.S.
Spotify is finally rolling out its Live Lyrics feature to some users in the U.S, Engadget reported. Equivalent features are widely available on rivals Apple Music and Deezer.
It’s worth noting that Spotify’s “new” approach to lyrics — which is once again powered by Musixmatch — isn’t really all that new. The company has been testing the feature in markets around the world for years, and officially launched it in 26 markets — including Brazil, Mexico, Vietnam, Hong Kong, Thailand, India and more — around the middle of 2020. More recently, live lyrics were also made available to users in South Korea when the service launched there earlier this month. At the risk of sounding a little obvious, though, not every test market ultimately gets access to the feature at wide scale. Spotify, for instance, ran a similar test in Canada before discontinuing it around June 2020; to our knowledge, the feature has never reappeared. This move puts Spotify on more even footing with competing services like Apple Music and Deezer, and should help the company from losing competitors to more feature-rich rivals.