Backdoor secrecy The hardcoded password flaw, identified as CVE-2024-20439, could be exploited to achieve administrator privileges via the app’s API. The second flaw, CVE-2024-20440, could allow an attacker to obtain log files containing sensitive data such as API credentials. With both given an identical CVSS score of 9.8, it’s a toss-up as to which is the worst of the two. However, the vulnerabilities could clearly be used together in ways that amplify their danger, making…

Bose QuietComfort Ultra Earbuds ZDNET’s key takeaways The Bose QuietComfort Ultra earbuds are by far the best noise-canceling earbuds I’ve tested, and they’re currently discounted by $80 The earbuds deliver immersive sound, and they’re the earbuds I rely on for flights to silence all external noise Prolonged wear can be uncomfortable more buying choices Bose’s QuietComfort Ultra earbuds are $80 off ahead of Amazon’s Big Spring Sale, taking the price down from $300 to $220….

ZDNET’s key takeaways SVS Prime Wireless Pro powered speakers are available now from the SVS website for $699. You won’t find a smoother, better-blended sound from an active speaker at this price point. To get the best bass, you should pair these with the SVS SB-1000 Pro subwoofer. more buying choices Most consumers believe punchy bass and sizzling highs are key to a good speaker. If that sounds like your taste, then you have a…

Xuanyu Han/Getty Images A phishing attack that previously hit Windows users has now switched its target to the Mac. In a report published Wednesday, security provider LayerX Labs explains how and why the attackers are now eager to scam Mac users. Also: What is vishing? Voice phishing is surging – expert tips on how to spot it and stop it In the initial campaign launched against Windows users, the scammers set up websites to display fake…

LayerX A phishing attack that previously hit Windows users has now switched its target to the Mac. In a report published Wednesday, security provider LayerX Labs explains how and why the attackers are now eager to scam Mac users. In the initial campaign launched against Windows users, the scammers set up websites to display fake security warnings claiming that the person’s computer had been compromised and locked. After prompting the potential victim to enter their…

Kyle Kucharski/ZDNET Google Chrome users who want to stay safe and secure will want to update their browser to the latest version. That’s because it contains a fix for a critical vulnerability that could cause Chrome to crash or even infect your system or device with malware. On Wednesday, Google released Chrome version 134.0.6998.117/.118 for Windows and Mac and 134.0.6998.117 for Linux. Rolling out over the next few days and weeks, this version offers several…

Kerry Wan/ZDNET I’ve been covering Macs for over a decade, and my preferred Mac is mostly been the M3 MacBook Air over the past year. That’s why I’m thrilled to see Amazon running discounts for multiple configurations during its Spring Sales event. Right now, you can purchase an M3 MacBook Air for at least $300 off. That gives you twice the storage (512GB) as what you’d get with the base M4 model that just came…

Sabrina Ortiz/ZDNET There was a time I refused to drink coffee at home because no matter how strong of a coffee pod I bought for my Keurig, the coffee always tasted watered down. I started wondering whether I’d ever achieve the same hand-crafted coffee shop taste at home — until I was gifted the Nespresso VertuoPlus Coffee and Espresso Machine by De’Longhi.  With this Nespresso machine, I can make a regular cup of coffee or an…

Grab a Garmin Forerunner 255S on sale now. Garmin/ZDNET My husband and I are sticklers for tracking our sleep, calories, performance, recovery, and, my personal favorite, HRV status. The Garmin Forerunner 255S is a favorite among our gym friends for tracking health features. It sports a slim design and the full-color display is easy to read even in direct sunlight. The wearable is available in two sizes: 46 mm and 41 mm. Plus, with up to 12…