There's a risk that someone might get hold of a device and unlock it by holding the screen to the face of its sleeping or unconscious owner.
The fingerprint reader on Samsung’s flagship S10 and Note10 smartphones can be spoofed with a $3 screen protector.
SophosLabs has discovered 15 apps on Google Play that install without icons as a ploy to keep themselves on the user’s device.
It had an Ethernet connection to the ship LAN but was also connected to a Windows console on the bridge which was so bright at night the crew had covered it up. The assumption had been that it was meant to be there.
Two more large organisations find themselves struggling after a ransomware attack...
The flaw is a rare ‘unquoted path class’ described as "so thoroughly documented that you would expect programmers to be well aware..." But that's not the case.
The tiny ATtiny85 chip doesn’t look like the next big cyberthreat facing the world, but sneaking one on to a firewall motherboard would be bad news for security were it to happen.
Some types of 2FA security can no longer be guaranteed to keep the bad guys out, the FBI warned US companies.
Twitter may have “inadvertently” handed phone and email data from some users to advertisers as part of its Tailored Audiences system that targets users’ feeds with ads.
It’s the time-saving technique employed by many coders - copy and paste code from crowd-sourcing 'Q&A' websites. But is it always secure?
PayPal abruptly announced that it was leaving the Libra Association.
Android smartphones are vulnerable to a zero-day exploit that Google thought it had patched for good two years ago.
A researcher has released details of a WhatsApp flaw that could be used to compromise the app and the mobile device the app is running on.
Researchers have discovered weaknesses in PDF encryption which could be exploited to reveal the plaintext contents of a file to an attacker.
This latest Exim flaw could lead to at least a denial of service crash in the software but also the possibility of remote code execution.
As promised in April, Cloudflare has finally launched Warp, a consumer mobile privacy app that looks a lot like a VPN without actually being one.
Outlook on the web bans a further 38 file types
SophosLabs researchers discovered at least 15 apps with millions of downloads charging extraordinary prices right under the Google's nose.
Adobe has rushed out fixes for three vulnerabilities in its ColdFusion web development platform, two of which have been given the top billing of ‘critical’.
Microsoft has rushed to patch two flaws affecting IE versions 9 to 11, one of which the company says is being exploited in real attacks.
Admins have a spot of patching work on their hands after the company released updates addressing two critical flaws.
Google has again been reprimanded for not spotting fake extensions impersonating popular brands in its Chrome Web Store.
IBM has boosted its growing stable of quantum computers with a new 53-quantum bit (qubit) device, the most powerful ever offered for commercial use.
Of the 2,300 archiving systems looked at, 590 were accessible from the internet, exposing 24 million medical records from 52 countries.
Mozilla, Creative Commons and Coil are teaming up to launch a $100m fund to drive out advertising and advocate privacy across the web.
The US has formally sanctioned the Lazarus Group and offshoots Bluenoroff and Andariel, which are allegedly acting on behalf of the DPRK.
Google has discovered a flaw in a Chromebook security feature which allows owners to press their device’s power button to initiate U2F 2FA.
Is this week's test pilot launch of Mozilla Private Network the moment browser VPNs finally become a must-have privacy feature?
Sometimes, a Patch Tuesday update arrives with a bang that sends users scrambling for cover - September's update earns that description.