Happy Veterans Day. Please make sure that this isn't the only day of the year that you take the time to do something for a veteran in your life.
The OWASP Top 10 project has added the Serverless Application Top 10 to the collection.
https://github.com/OWASP/Serverless-Top-10-Project/
Here's a good analysis of a live example of an Android banking trojan.
https://lukasstefanko.com/2018/11/video-analysis-of-android-banking-trojan-found-on-google-play.html
A malicious FaceTime caller can cause a kernal panic in some devices.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1641
Squally is a purposefully vulnerable video game to teach hacking of games. Neat idea.
https://squallygame.com/
Struts has yet another RCE bug.
https://www.theregister.co.uk/2018/11/07/flaw_in_apache_struts/
There is a XSS bug in Evernote!
https://securityaffairs.co/wordpress/77789/hacking/evernote-xss-flaw.html
And that's the news.