Gumtree users' locations were visible by pressing F12
The UK online used goods bazaar Gumtree exposed its users’ home addresses in the source code of its webpages, and then tried to squirm out of a bug bounty after infosec bods alerted it...
The UK online used goods bazaar Gumtree exposed its users’ home addresses in the source code of its webpages, and then tried to squirm out of a bug bounty after infosec bods alerted it...
Unrelated to other recent problems Facebook has had, this particular batch of data was scraped from profiles, meaning it’s publicly available knowledge. That doesn’t stop it from being dangerous. click here to read full...
Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil’s instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account...
A new as-yet unpatched weakness in Apple’s iCloud Private Relay feature could be circumvented to leak users’ true IP addresses from iOS devices running the latest version of the operating system. Introduced with iOS...
A software package available from the official NPM repository has been revealed to be actually a front for a tool that’s designed to steal saved passwords from the Chrome web browser. The package in...
Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company’s Play Store after the apps were caught furtively stealing users’ Facebook login credentials. “The applications were fully functional,...
The database contained admin and user information, including WordPress login URLs, names, email addresses, usernames, roles, host IP addresses, timestamps, and configuration and security information. click here to read full Article Read more on...
Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as faceprints and voiceprints from the content its users post on the platform....
The findings come from a study of 23 Android apps on the Google Play Store, some of which garnered 10,000 to 10 million downloads, such as Astro Guru, iFax, Logo Maker, Screen Recorder, and...
Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. “By not following best-practices when configuring and integrating third-party cloud-services into...
An unknown threat actor managed to control more than 27% of the entire Tor network exit capacity in early February 2021, a new study on the dark web infrastructure revealed. “The entity attacking Tor...
A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed “Saint Bot,” the malware is said to have first appeared on...
In what’s likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers...
Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple’s crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of...
An anonymous security researcher demonstrated that the browser was sending the queries for .onion addresses to public DNS resolvers for all to see, defeating the purpose of using the Tor mode. Click here for...
Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users. The company blamed the incident on an unnamed employee who...