A fake 'TikTok Pro' app is spyware that can steal passwords, read text messages and take screenshots, a security firm says.
Yubico released the YubiKey 5C NFC, a two-factor-authentication security key for all modern computers and smartphones.
Microsoft account passwords can be stolen by customized Windows 10 desktop themes, a security researcher says.
The Joker scamware app was found in another six Android apps in the Google Play store, and users who have them installed may be hit with fraudulent premium-SMS charges.
WhatsApp is being more transparent about its security bugs with a dedicated section on its website — and that's great news for user trust in the messaging app.
Apple approved the notorious Shlayer malware for installation on macOS Catalina and Big Sur, security researchers say.
Google removed from the Play Store nearly 60 Android apps that promised free sneakers and concert tickets but actually committed ad fraud.
A new strain of the Qbot malware hijacks email threads and online banking sessions to steal passwords and other credentials, researchers say.
A flaw in Apple's Safari browser could let malicious websites trick you into sending strangers your browsing history and other personal data.
More than 1,200 iPhone apps may be infected with malicious adware, a security firm says, but Apple denies there's any problem.
Data scraped from nearly 235 million Instragram, TikTok and YouTube profiles ended up in an unprotected online database.
Crooks are poisoning open-source Mac software projects with malware that steals passwords and credit cards, installs ransomware and replaces Safari with a malicious browser.
The latest 'Canary' development versions of Chrome let you create a desktop shortcut to automatically open the browser in Incognito mode.
The email pretended to be from Verizon Support, with targets asked to provide a range of personal information including email addresses, passwords and phone numbers.
Security researchers say cyber crooks could have changed Alexa skills and accessed user data by exploiting a range of flaws.
According to cybersecurity firm ESET, the Mekotio banking Trojan is currently active in Brazil, Chile, Mexico, Spain, Peru and Portugal.
Kaspersky disclosed two zero-day flaws actively being exploited in Windows, with the last patch being issued yesterday.
Top cybersecurity-training firm the SANS Institute fell prey to a phishing attack that ended up exposing 28,000 user records.
The TikTok Android app secretly tracked millions of users by collecting permanent device IDs in violation of Google's rules, a report says.
The Russian cybersecurity firm claims that DDoS attacks 'increased three-fold' in the second quarter and attributes the rise to the coronavirus pandemic.
More than 2,000 people using Michigan State's online shop have fallen victim to credit-card theft after hackers inserted malicious code into the website.
A flaw in Chrome, Edge and other browsers could let hackers to get around a crucial security policy used by thousands of websites to prevent cyberattacks.
Apps for Apple's iPhone have just as many security holes as their Android counterparts, says a security researcher who's examined both platforms.
A flaw in the setup process for the August Smart Lock Pro lets attackers grab your home Wi-Fi network's password.
Online test-taking service ProctorU disclosed a data breach affecting more than 440,000 students and instructors.
ExpressVPN says it's seeing a rapid increase in customers following the U.S. government's announcement that it intends to ban TikTok unless an American firm buys it.
A vulnerability in Qualcomm chipsets could lead to spying, data theft and more malware on Android handsets worldwide.
Have I Been Pwned founder Troy Hunt will be the first member of an independent advisory team for VPN provider NordVPN.
President Trump's TikTok ban, explained: How his executive orders will affect TikTok users, Fortnite and more.