Sofia Elizabella Wyciślik-Wilson

A security researcher has released proof-of-concept code for a zero-day exploit in Windows 10. The bug was revealed by SandboxEscaper, a researcher who has exposed Windows vulnerabilities in the past.

The latest bug makes it possible to overwrite files with arbitrary data, and while there are numerous criteria that must be met in order for the vulnerability to be exploited, it is still potentially serious. SandboxEscaper warned Microsoft about the problem on Christmas day, before publishing the PoC a couple of days later.

Starting in January, the European Commission is going to fund bug bounty programs for a number of open source projects that are used by members of the EU. The initiative is part of the third edition of the Free and Open Source Software Audit (FOSSA) project, which aims to ensure the integrity and reliability of the internet and other infrastructure.

In all, the Commission will fund 15 bug bounty programs, with rewards ranging from €17,000 ($19,400) to €90,000 ($103,000).

A number of major US newspapers -- including the Los Angeles Times, Chicago Tribune, Wall Street Journal and New York Times -- have been hit by a cyberattack that is said to originate from another country.

Malware was first detected on Thursday by Tribune Publishing, the owner of some of the affected titles, but unsuccessful attempts at quarantining meant that there was disruption well into Saturday. The Department of Homeland Security is currently investigating the incident which is not thought to have exposed any personal customer details.

Spam may be something that's most commonly associated with email, but it's also something that blights text messaging. Google is trying to do something about the problem with a spam protection feature for Messages on Android.

This is a feature we learned about earlier in the year, and it is now starting to roll out to handsets. In order for the feature to work, "some" information about the messages you receive needs to be sent to Google -- something that it sure to raise a few eyebrows (and hackles) among the privacy-centric.

The popularity of software betas and the Windows Insider program show that people are keen to get their hands on things earlier. There is a certain delight in tinkering with experimental tools, utilities and apps, and if this is the sort of thing that excites you, you'll be pleased to hear that Mozilla has brought Mozilla Labs back from the dead with a new site.

Not seen for a number of years, Mozilla Labs used to be home to experimental Firefox projects. Now, the relaunched version is home to more, including Project Things, Spoke, Hubs and more -- Firefox is no longer the sole focus.

Instagram users around the world were briefly thrown into a mixture of confusion, delight and anger today when timelines switched to a new horizontal scrolling mode.

Greeted by a message that Instragram was "Introducing a New Way to Move Through Posts", users found that they could now tap to scroll through their feed horizontally. This is something that Instagram is known to have been testing for a little while now, but it seems that today's rollout was entirely accidental -- albeit one that gave a tantalizing glimpse into the future. The company has now reverted feeds to the familiar verticals scrolling mode, blaming the temporary change on a bug.

As 2018 draws to a close, it's a time not only for looking back over what the past year has offered, but also for looking forward to the new year and what's on the horizon. There's certainly a lot to look forward to in terms of hardware in 2019, but there's also a great deal on the software front.

The developer of the popular image editing tool Paint.NET, Rick Brewster, has shared his vision of what the coming year holds for his software. The 2019 roadmap for Paint.NET is an exciting one, promising migration to .NET Core, support for brushes and pressure sensitivity, and an expanded plugin system.

OnePlus is well known for many things, including building up massive hype around its (generally) powerful and (relatively) cheap handsets. But one of the reasons many people choose the company is that it has always been quick at rolling out Android updates to newer handsets -- and it has a great track record for supporting its phones for much longer than its rivals do with their handsets.

The company may well be concerned about shifting its latest models, but owners of previous generations have not been forgotten when it comes to Android Pie. The latest version of Android is already available for the OnePlus 6 and 6T, and now the update is rolling out to the OnePlus 5 and OnePlus 5T in the form of OxygenOS 9.0.0.

A few days ago, Microsoft issued an emergency patch for Internet Explorer to fix a zero-day vulnerability in the web browser.

The problem affects versions of Internet Explorer from 9 to 11 across multiple versions of Windows, but it seems that the patch has been causing problems for many people. Specifically, people with some Lenovo laptops have found that after installing the KB4467691 patch they are unable to start Windows.

Giving Linux fans a little Christmas present, Linus Torvalds has announced that version 4.20 of the Linux kernel is now available.

In a post to the Linux Kernel Mailing List, Torvalds said that there was no point in delaying the release of the latest stable version of the kernel just because so many people are taking a break for the holiday season. He says that while there are no known issues with the release, the shortlog is a little longer than he would have liked. However "nothing screams 'oh, that's scary'", he insists.

In recent years, technology companies have been under increasing pressure to be more transparent about the requests for data they receive from global governments. Firms such as Microsoft, Google and Facebook publish regular transparency reports, and Apple is no different.

Now the company has launched a new transparency report website which makes it even easier to trawl through its twice-yearly publication and see how many data requests have been issued by different governments.

Earlier this week, we wrote about the growing number of people who have complained that their iPad Pro is bent. This is not something that has developed over time, but a problem that was present out of the box.

Apple responded to complaints by saying that the bend that has been noticed in some iPad Pro chassis was not a defect. Now the company has issued a further statement indicating that it believes the tablet's "unibody design meets or exceeds all of Apple's high quality standards of design and precision manufacturing". This is not something an owner of a bent iPad Pro would probably agree with.

Just a few days ago, a lawsuit was filed against Apple accusing it of using misleading images in advertising to disguise the notch of the iPhone XS. Now it is OnePlus that has been accused of editing advertising images of its phones, this time to make the bezel of the OnePlus 6T seem smaller.

The company was called out on Twitter after people noticed that the OnePlus 6T featured in promotional videos appeared to have a much smaller "chin" than the real-life phone.

Microsoft recently confirmed that it plans to transition its Edge browser away from the EdgeHTML engine to Chromium, embracing open source, bringing Chrome extensions and more. Making such a big change obviously requires a lot of testing, and Microsoft is giving you the chance to get involved via the Microsoft Edge Insider program.

The company already has the Windows Insider program for people who want to get their hands on new builds of Windows 10 earlier than they would normally, but this is a commitment that not everyone is willing to sign up for. Now Microsoft has launched a beta program for Microsoft Edge so you can try out early builds and help to shape the future of the browser.

Microsoft has a new open source project -- Project Mu. This is the company's open-source release of the Unified Extensible Firmware Interface (UEFI) core which is currently used by Surface devices and Hyper-V.

With the project, Microsoft hopes to make it easier to build scalable and serviceable firmware, and it embraces the idea of Firmware as a Service (FaaS). This allows for fast and efficient updating of firmware after release, with both security patches and performance-enhancing updates.