The bug allowed 1,500 apps built by 876 developers to view users' unposted "draft" photos.
Attacks targeting critical infrastructure systems are ramping up - and defense has become a top priority for the U.S. government.
The trojan purports to be a battery optimization app - and then steals up to 1,000 euro from victims' PayPal accounts.
Operation Sharpshooter uses a new implant to target mainly English-speaking nuclear, defense, energy and financial companies.
Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain.
Consumers are growing angry when it comes to data misuse - but the real change will need to come from the tech industry's culture when it comes to privacy.
Issues still exist when it comes to securing biometrics.
The consumer version of Google+ will now be shut down in April instead of August after a bug was found that impacts at least 50 million users.
Emails say they contain a link with screenshots of victims' compromising activity. In reality, the link executes ransomware.
The scam is spread via Facebook and WhatsApp messages.
Watch out for emails about gift cards and corporate donations, researchers warn.
A newly-passed Australian law could allow the government to force tech companies to create backdoors in their products.
Microsoft and the AI Now Institute are both calling for regulation as facial recognition software picks up popularity.
The company allegedly tried to hide away new policy changes that would collect Android app users' call and message logs.
The facial recognition pilot will identify “subjects of interest” around the White House.
Adobe issued a patch for the zero-day on Wednesday.
The vulnerability could lead to arbitrary code execution.
The browser comes with a new set of protections to block pop-ups that could lead to 'abusive experiences.'
The group's skimmer has added some capabilities that steal credentials from admins.
The two apps, “Fitness Balance App” and “Calories Tracker app,” were tricking users into payments of $120.
The incident sheds light on just how insecure printers are.
In part two of our podcast series on Magecart, we talk to expert Yonathan Klijnsma, who has been tracking the threat for years.
The bug bounty "queen" Katie Moussouris discusses the biggest mistakes that companies launching these programs are making.
The hackers had access to the impacted database since 2014.
Hackers can spoof messages, hijack screen controls and kick others out of meetings.
The donut giant first noticed the attack Oct. 31.
The company said it has reset passwords for all Dell.com customers.
The two apps are created by headset software company Sennheiser HeadSetup.
The patch addresses a flaw in Cisco's WebEx platform that lets hackers gain elevated privileges.
Researchers say the bad actor behind the malvertising campaign is still active.
A mobile malware has accelerated its activity in 2018, launching more than 70k attacks in August through October.
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week's biggest stories.
In the first part of our podcast series, we talked to Rapid7's chief data scientist about how Magecart has changed.
How can businesses create an effective cyber defense strategy? It starts with defining success, an expert tells us.
A glitch in the UX in Gmail allows the “from” field to be forged so there is no sender listed in the email's header.
Researchers say the Magecart threat group skimmed data of VisionDirect customers using fake Google Analytics scripts.
Hackers took advantage of an unpatched Drupal vulnerability in the organization's website to launch a cryptojacking attack.
The issue comes from how Gmail automatically files messages into the "Sent" folder.
The flaw in high-end phones and up-and-coming handsets made by top OEMs allows hackers to bypass handset lock screens in seconds.
"Our advice is to stop using this watch" as mitigations are not available, researchers told Threatpost.
The industrial company on Tuesday released mitigations for eight vulnerabilities overall.
Overall, the company released only three patches as part of its regularly-scheduled November update.