Images of UTM SE from its App Store listing. | Screenshots: UTM SE

Apple has approved UTM SE, an app for emulating a computer to run classic software and games, weeks after the company rejected it and barred it from being notarized for third-party app stores in the European Union. The app is now available for free for iOS, iPadOS, and visionOS. After Apple rejected the app in June, the developer said it wasn’t going to keep trying because the app was “a subpar experience.” Today, UTM thanked the AltStore team for helping it and credited another developer “whose QEMU TCTI implementation was pivotal for this JIT-less build.”

  Screenshot: UTM SE
  UTM SE doesn’t include any virtual machines, but does help you find them.

As with other emulators on the App Store, you can’t do much...

Continue reading…

Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models. [...]

Many organizations lack policies and training to address the risk of shadow IT, including GenAI.

Proactively stop hosting scams or face hefty fines.

Administration Continues to Shift Software Security Responsibilities to DevelopersThe Biden administration is calling on government agencies and departments to file fiscal year 2026 budget proposals that focus on defending critical infrastructure, dismantling threat actors and investing in resilient federal systems, according to a new memorandum issued this week.

A veteran investigator of video-game leaks reveals the tricks of the trade

Red team exercise revealed a score of security fails The US Cybersecurity and Infrastructure Security Agency (CISA) says a red team exercise at a certain unnamed federal agency in 2023 revealed a string of security failings that exposed its most critical assets.…

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people -- nearly all of its customers. AT&T said it delayed disclosing the incident in response to "national security and public safety concerns," noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

A wave of coordinated DNS hijacking attacks targets decentralized finance (DeFi) cryptocurrency domains using the Squarespace registrar, redirecting visitors to phishing sites hosting wallet drainers. [...]

Six months of call and text records taken from AT&T workspace on cloud platform.

Sean Lyngaas / CNN: Sources: US car dealership software provider CDK Global appears to have paid ~$25M to hackers on June 21, after a ransomware attack shut down its systems  —  CDK Global, a software firm serving car dealerships across the US that was roiled by a cyberattack last month, appears to have paid …

Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018. [...]