Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack
Researcher warns the highly-rated Kasa family of security cameras have bugs that gives hackers access to private video feeds and settings.
Google Bans Stalkerware Ads – With a Loophole
Starting in August Google is banning ads of products or services promoting stalkerware.
Smartwatch Hack Could Trick Dementia Patients into Overdosing
Attackers could hack the smartwatch and send dementia patients alerts for taking their medication.
Report: Most Popular Home Routers Have ‘Critical’ Flaws
Common devices from Netgear, Linksys, D-Link and others contain serious security vulnerabilities that even updates don’t fix.
Microsoft Warns on OAuth Attacks Against Cloud App Users
Application-based attacks that use the passwordless "log in with..." feature common to cloud services are on the rise.
Zoom Zero-Day Allows RCE, Patch on the Way
Researchers said that the issue is only exploitable on Windows 7 and earlier.
Joker Android Malware Dupes Its Way Back Onto Google Play
A new variant of the Joker malware has hoodwinked its way onto the Google Play marketplace yet again, in 11 Android apps that were recently removed.
BlueLeaks Server Seized By German Police: Report
The server contained almost 270 gigabytes of data collected from 200 police departments, law enforcement training and support resources and fusion centers.
‘Undeletable’ Malware Shows Up in Yet Another Android Device
Researchers have found trojans and adware in preinstalled apps on a low-cost device distributed by the government-funded Lifeline Assistance Program.
Advertising Plugin for WordPress Threatens Full Site Takeovers
Thousands of vulnerable websites need to apply the patch to avoid RCE.
Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing
The Kazakh native made headlines last year for hacking McAfee, Symantec and Trend Micro; but the Feds say he's also behind a widespread backdoor operation spanning six continents.
Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks
The phishing campaign targeted Office 365 accounts in 62 countries, using business-related reports and the coronavirus pandemic as lures.
15 Billion Credentials Currently Up for Grabs on Hacker Forums
Unprecedented amounts of data for accessing bank accounts and streaming services are being flogged on the dark web.
BEC Hotshot with Opulent Social Media Presence to Face U.S. Charges
The Nigerian native has been extradited from Dubai after a string of over-the-top Instagram posts.
Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites
Researchers warn that Keeper, using Magecart code, will launch increasingly sophisticated attacks against online merchants worldwide in the coming months.
Cerberus Banking Trojan Unleashed on Google Play
The Cerberus malware can steal banking credentials, bypass security measures and access text messages.
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft
Admins should patch their Citrix ADC and Gateway installs immediately.
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites
A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.
First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered
Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.
Android Users Hit with ‘Undeletable’ Adware
Researcher say that 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with undeletable files.
Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection
Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.
15 Billion Stolen Logins Are Circulating on the Dark Web
Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily
Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...
Is TikTok Seriously Dangerous—Do You Need To Delete It?
Here's the reality behind all the headlines...
iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations
The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.
