Here's a refresher on how to think about stories in the news from a "secure by design" standpoint. Many stories about compromises of consumer devices and apps are unfortunately overstated or outright hoaxes (what I call "hacklore"). Some sample questions that we should ask:

-Which operating systems, apps, etc. are affected? What versions?

-What did the software/hardware manufacturer say in response to the alleged vulnerability? Are they going to address it in a future version?

-How can users determine if the attackers successfully compromised them?

Questions like this can help us urge technology companies to improve the security of their products. Or, in some cases, it can reveal the alleged allegations as incredibly rare, or even as hoaxes.

Reporters should pay special attention to the full list of questions here:

https://www.cisa.gov/news-events/news/applying-secure-design-thinking-events-news