Security

Attackers have figured out how to use SIM cards to locate any device anywhere in the world.

Many Android flashlight apps take so many system permissions that they can do almost anything on your phone.

Firefox wants you to help beta-test its VPN-like service, which will encrypt your traffic and hide your IP address.

Google booted 24 Android apps from its Play Store after they were found to be stealing contact info.

Eight states are investigating Facebook, and a similar probe will soon be launched into Google. Here's what you need to know.

Google was told of a serious security flaw in Android six months ago, but hasn't fixed it yet.

Twitter CEO Jack Dorsey appeared to have his Twitter account hacked Friday — but it really may not have been hacked at all.

The attacks likely affected thousands of people via previously unknown bugs in Safari and iOS.

Google pushed out a Chrome patch for Windows, macOS and Linux to fix a remote-code-execution flaw.

Apple overhauled how Siri voice recordings are reviewed by humans, making the entire process opt-in for users.

Popular Android app with 100 million downloads was infected with a backdoor sometime in its lifecycle.

How strong your password is barely matters, says a Microsoft expert. What counts is two-factor authentication.

Apple pushed out an update to iOS that shuts down a jailbreak disclosed last week.

Spammers have figured out how to infiltrate your Google Calendar. Here's how to keep them at bay.

A flaw in Lenovo's Solution Center program could put millions of older Lenovo laptops at risk. Here's how to secure your PC.

Voice assistants like Alexa, Google Assistant, and Siri are prone to calling scammer phone numbers when asked to auto dial.

Like Trend Micro last week, some Bitdefender software permits a sneaky attack on Windows systems.

Former Microsoft contractors admit to listening in on Cortana recordings picked up by Xbox game consoles.

Thousands of credit-card numbers were exposed in an online database belonging to MoviePass.

The YubiKey 5ci features a Lightning plug, making it the first security key to work with iPhones.

A new iPhone jailbreak works on the current version of iOS.

Password Checkup, a new Chrome plug-in, found 1.5 percent of accounts overall have compromised log-in credentials.

Kaspersky antivirus software put what appeared to be tracking IDs on all web pages rendered in browsers.

Trend Micro patches code-injection bugs in its password manager and antivirus suites.

Hy-Vee said many of its gas stations, restaurants and drive-thru coffeeshops have fallen to a payment-card data breach.

Many smart-home devices can't be properly factory reset, leaving behind user data, a researcher says.

Many top robocall-blocking apps pass on your data to third parties, a researcher said.

Thieves stole customer data from the parent company of Comfort Inn, Clarion, EconoLodge, Quality Inn.

A Boston-area teenager found serious flaws with his high school's student-tracking software, but got suspended when he tried to report them.