Web trackers like Bandsintown are exploiting the "Login with Facebook" feature to gain access to data from the social media firm's users, according a report by security researchers at the Freedom to Tinker blog.
This month's Microsoft patch Tuesday included more than 70 patches 15 of which were marked as critical and one that could exploit authentication in Microsoft Remote Desktop Protocol.
MeltdownPrime and SpectrePrime could trick systems into leaking data. Security researchers have found new ways to exploit the Meltdown and Spectre vulnerabilities that have plagued modern CPUs.
A recently patched Flash Player flaw was exploited in a widespread attack spam campaign primarily targeting South Koreans.
DDoS threat actors have started to exploit a known problem with unsecured Memcache servers to launch hugely powerful attacks with little in the way of resource investment required.
Threat actors exploited the CVE-2017-10271 vulnerability which allows for remote code execution to deliver both a 64-bit variant and a 32-bit variant of an XMRig Monero miner, according to a 26 February blog post.
Cisco Talos has made public a new vulnerability in Adobe ReaderDC that if exploited can lead to arbitrary code execution.
Fraud-minded spammers continue to globally exploit the zeitgeist of current events that make opening unsolicited email irresistible, accounting for the 59 percent increase in phishing attacks last year.
An easy-to-exploit bug has left Tinder accounts and private chats exposed to hackers, revealed a researcher this week.
A new version of a familiar menace, AndroRAT, has emerged from out of the trash to exploit long forgotten vulnerabilities.
Attackers were found exploiting a zero-day Telegram app vulnerability in order to make the names and extensions of malicious files appear more legitimate, in hopes that users who received these files would more willingly open them.
Cyber-criminals are using a malware spam campaign to exploit a remote code execution vulnerability in Microsoft Office to download and execute malicious scripts on victims' systems.
More than 5,000 sites, including sites belonging to the NHS, ICO, local councils and the Student Loans Company were hit by a cryptocurrency mining campaign that exploited a popular plug-in to infect sites with a malicious script.
Russian hacking group Fancy Bear, have exploited weakspots in the email systems of defence contract workers to access top secret information on US defence technology, including drones.
Cyber-criminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites via background initiated requests, using phishing sites, and typo-squatting.
Adobe Systems today released a critical security update for a pair of vulnerabilities in Flash Player, one of which has been actively exploited in phishing attacks attributed to North Korean APT actor Group 123.
Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.
The new Monero miner Smominru is active in the wild using the EternalBlue exploit to spread, according to a new report.
Adobe Systems says it plans to address a critical zero-day vulnerability in Flash Player that a researcher asserts is being actively exploited in the wild to attack South Koreans conducting research on North Korea.
Nexus Zeta behind botnet that weaponises router exploit to enlist further vulnerable IoT devices. The author of Satori botnet may also be behind two new Mirai variants called Masuta and PureMasuta.
An emerging botnet comprised of compromised IoT devices dubbed "Hide 'N Seek" or HNS is using custom built Peer-to-Peer communication to exploit victims and build its infrastructure.
Malwarebytes researcher Jerome Segura analysed a RIG exploit campaign distributing malware coin miners delivered via drive-by download attacks from malvertising.
An independent security researcher called Siguza revealed a local privilege escalation Zero Day in macOS that can be exploited by any unprivileged user.
Mozilla issued a series of security updates for Thunderbird 52.5.2 that included a critically rated buffer overflow issue that could lead to a crash if exploited.
Researchers recently discovered that a nearly two-decade-old vulnerability in TLS stacks was still exploitable due to insufficient protective counter-measures some used by highly popular websites.
A yet-indeterminate ransomware strain has infected systems all over the world with particular enthusiasm for Ukrainian targets.
WikiLeaks on Thursday dumped more leaked CIA documents with its latest Vault 7 disclosures, this time publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.
A file-transfer mechanism that Microsoft describes as a feature rather than a bug is being exploited by the Platinum hacking group on targeted machines in south east Asia.
As a growing number of cities provide free WiFi networks become, a security researcher demonstrated his successful hack of his city's WiFi network.
Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.