Capping a week of incompetence, failures, and general shady behavior in responding to its massive data breach, Equifax has confirmed that attackers entered its system in mid-May through a web application vulnerability that had a patch available in March. In other words, the credit-reporting giant had more than two months to take precautions that would have defended the personal data of 143 million people from being exposed. It didn’t.

Source: The Equifax Breach Was Entirely Preventable | WIRED

CISPA, the controversial cybersecurity bill passed by the House last week, appears to be dead in the Senate. It’s deja vu all over again for the measure, which would authorize private companies to share your email, texts and other personal information with federal agencies without a warrant or other privacy protections. Last year, CISPA also cleared the House but foundered in the Senate.

CISPA, The Privacy-Threatening Cyberspying Bill, Is Dead In The Senate – ReadWrite.

On Saturday, Microsoft published a security advisory warning users of Internet Explorer 6, 7, and 8 that they could be vulnerable to remote code execution hacks. The company said that users of IE 9 and 10 were not susceptible to similar attacks and recommended that anyone using the older browsers upgrade. Still, customers who still run Windows XP can not upgrade to IE 9 and 10 without upgrading their OS.

Read more: Microsoft says IE 6, 7, and 8 vulnerable to remote code execution | Ars Technica.