How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed.

Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities.

VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes.

Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access.

WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.

Google removed a rooting an Android Trojan called Dvmap from Google Play that injects malicious code into an infected device’s system library.

The Electronic Frontier Foundation sued the United States Department of Justice demanding to know whether the agency is complying with rules that mandate a periodic review of National Security Letter gag orders.

Now that researchers have built a port of EternalBlue to Windows 10, they’ve probably only now caught up to what the NSA has had for a long while.

Zusy malware installs when victims hover over an opened PowerPoint file – no clicking needed.

The results of an academic experiment reveal that recipients of Facebook messages are much more likely to click on suspicious links.