Latest news from Naked Security (2019/04/02)

Government spyware hidden in Google Play store apps

The malware, dubbed Exodus, records and steals all manner of data and leaves phones vulnerable to further hacking and data tampering.

TP-Link router zero-day that offers your network up to hackers

Downgrade attack lets any user take over – just ask for old-style access to the debugging port and you won’t need a password.

Are there viable alternatives to Facebook and Twitter?

There’s growing interest in social networks that prioritize user control. Two of the popular ones are Mastodon and Diaspora.

VMware patches critical vulnerabilities

VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own.

Possible Toyota data breach affecting 3.1 million customers

Several Toyota companies have announced that they might have suffered data breach attempts, with one affecting 3.1 million customers.

Wrecked Teslas hang onto your (unencrypted) data

Sold at salvage and auctions, they contain info from drivers’ paired mobile devices, plus highly personal pre-crash video.