Ever since the discovery of the dreaded Stuxnet worm in the wild, security experts have been concerned that a devastating cyberattack could be launched against critical infrastructure, causing signal lights to go haywire, emergency service phone lines to go down, power grids to go offline and more.

It’s been long-held conventional wisdom that the safest place you can purchase apps is either the Google Play Store if you have an Android device, or the Apple Store if you’ve got a device built around iOS.

That’s still true for the most part, but in recent months, Apple has been running into a problem that Google has a lot of familiarity with.

The fact that Microsoft Office Products (Word, PowerPoint and Excel) can be used to install malware onto an unsuspecting user’s computer has been common knowledge for years. But recently, security researchers at SentinelOne have discovered a new technique being used by a group of hackers that poses a serious threat.

If you haven’t heard of a company called Rafotech, you’re not alone. But the simple truth is that they control an enormous network of infected computers, numbering more than 250 million devices. That number is increasing rapidly.

Rafotech offers free games, apps and other products to their customers.

Do you visit the GodLike Productions forum? If you’re not sure what that is, then you don’t have anything to worry about, but if you’re a member of that forum, you may have been infected by a particularly nasty malvertising app.

Check your device.

If you use a router built on old WiMAX technology, be advised that you’re very likely at risk. The severe security flaws were discovered by the security firm SEC Consult, and take two forms.

Firstly, there’s a flaw in the firmware that leaves the router’s admin panel exposed to the web, opening the door to remote hacking.

Microsoft has issued an emergency, out-of-band patch to shore up some critical weaknesses in Window’s Malware Protection Engine.

This is an unseen part of the OS that actively scans and prevents malicious code from ever making its way onto your system in the first place.

An AOL developer named Ran Bar-Zik has unearthed a disturbing flaw in Chrome that may make you rethink using Google’s web browser.

The issue revolves around a website’s ability to activate your camera and audio recorder. Google uses an API which legitimate developers call, that displays a distinctive red dot on the browser tab when the page in question activates your laptop’s camera and recording equipment (like it does when you activate a video call via a Google Hangout page, for example).

The problem is that this API is not required to be used, and an enterprising hacker can use malicious JavaScript to activate your camera without notifying you, and without any visible indication that the camera is on.

Security professionals have been talking for months about the dangers of smart devices, most of which are almost comically (and tragically) lacking in even the most basic security protocols. More recently, the global Wannacry Ransomware attack demonstrated that smart medical devices were vulnerable to attack, with several of them being temporarily shut down by the malware.

Last month, the fast food chain Chipotle announced that they had been the victim of a large-scale data breach, but initially, the company was unable to provide any specific information regarding the scope and scale of that attack. Now, they have, and it’s worse than anyone could have imagined.