A cloud misconfig by SocialArks exposed 318 million records gleaned from Facebook, Instagram and LinkedIn. More than 400GB of public and private profile data for 214 million social-media users ...

A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates ...

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

Previously, Changpeng had tweeted that his company’s threat intelligence team detected 1 billion Chinese resident records for sale on the dark web, citing the “likely” culprit for the leak ...

Here’s what cybersecurity watchers want infosec pros to know heading into 2022. No one could have predicted the sheer chaos the cybersecurity industry would experience over the course of 2021 ...

Exploring what's next for public-cloud security, including top risks and how to implement better risk management.

Phishing emails target a bank's users with malware - and make their landing page look more legitimate with fake Google reCAPTCHAs.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.