Kapersky Labs

Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data.

The French Data Protection Authority (DPA) found a lack of transparency when it comes to how Google harvests and uses personal data for ad-targeting purposes.

The patches are part of Adobe's second unscheduled update this month.

Two apps on Google Play were infecting devices with the Anubis mobile banking trojan.

The Fallout EK has added the latest Flash vulnerability to its bad of tricks, among other tune-ups.

Threatpost editors break down the top headlines from the week ended Jan. 18.

A default configuration allows full admin access to unauthenticated attackers.

Twitter has fixed the issue, which has been ongoing since 2014.

Microsoft is offering rewards of up to $20,000 for flaws in its Azure DevOps online services and the latest release of the Azure DevOps server.

Apple CEO Tim Cook has called on the government to double down on data privacy regulation in 2019.

Thousands of individual breaches make up the database, one of the largest troves of stolen credentials ever seen.

New samples of cryptomining malware performs a never-before-seen function: uninstalling cloud security products.

Our reader poll showed overwhelming support for 2FA even in the wake of a bypass tool being released -- although lingering concerns remain.

The storage server was left open for about a week and exposed everything from sensitive FBI investigations to data related to patients with AIDS.

The two were able to hack into the SEC's computer systems due to phishing attacks that stole credentials and spread malware.

Leaky Fortnite single sign-on mechanism could have allowed hackers to access game accounts.

The threat group also has a new subsidiary, Magecart Group 12.

VOIPO acknowledged that a development server had been accidentally left publicly accessible, and took the server offline.

Multiple hardcoded passwords allow attackers to create badges to gain building entry, access video surveillance feeds, manipulate databases and more.

January is off to a running start on the data breach front, while Experian is predicting new attack frontiers ahead.