Security news coverage encompasses investigative cybersecurity reporting and analysis on the latest security breaches, hacks and cyberattacks around the globe.
Featured Article
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Two senior police officials in Bangladesh are accused of collecting and selling citizens’ personal information to criminals on Telegram.
Lorenzo Franceschi-Bicchierai
Zulkarnain Saer Khan
19 hours ago
Security
Hundreds of Snowflake customer passwords found online are linked to info-stealing malware
Zack Whittaker
2 days ago
Snowflake is the latest company in a string of high-profile security incidents and sizable data breaches caused by the lack of MFA.
Social
TikTok acknowledges exploit targeting high-profile accounts
Sarah Perez
3 days ago
The malicious attack appears to have involved malware transmitted through TikTok’s DMs.
Featured Article
Live Nation confirms Ticketmaster was hacked, says personal information stolen in data breach
Live Nation says its Ticketmaster subsidiary was hacked. A hacker claims to be selling 560 million customer records.
Zack Whittaker
3:13 pm PDT • May 31, 2024
AI
Hugging Face says it detected ‘unauthorized access’ to its AI model hosting platform
Kyle Wiggers
2:51 pm PDT • May 31, 2024
Late Friday afternoon, a time window companies usually reserve for unflattering disclosures, AI startup Hugging Face said that its security team earlier this week detected “unauthorized access” to Spaces, Hugging…
Featured Article
Hacked, leaked, exposed: Why you should never use stalkerware apps
Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.
Lorenzo Franceschi-Bicchierai
2:05 pm PDT • May 31, 2024
Security
Hackers steal $305M from DMM Bitcoin crypto exchange
Lorenzo Franceschi-Bicchierai
9:38 am PDT • May 31, 2024
Japanese crypto exchange DMM Bitcoin confirmed on Friday that it had been the victim of a hack resulting in the theft of 4,502.9 bitcoin, or about $305 million. According to…
Security
Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit
Zack Whittaker
11:30 am PDT • May 30, 2024
Check Point is the latest security vendor to fix a vulnerability in its technology, which it sells to companies to protect their networks.
Transportation
Chinese EV makers, and their connected vehicles, targeted by new House bill
Rebecca Bellan
2:50 pm PDT • May 29, 2024
Chinese EV manufacturers face a new challenge in their pursuit of U.S. customers: a new House bill that would limit or ban the introduction of their connected vehicles. The bill,…
Security
Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach
Zack Whittaker
1:45 pm PDT • May 28, 2024
The spyware maker’s founder, Bryan Fleming, said pcTattletale is “out of business and completely done,” following a data breach.
Security
Rock band’s hidden hacking-themed website gets hacked
Lorenzo Franceschi-Bicchierai
10:37 am PDT • May 28, 2024
On Friday, Pal Kovacs was listening to the long-awaited new album from rock and metal giants Bring Me the Horizon when he noticed a strange sound at the end of…
Security
Spyware app pcTattletale was hacked and its website defaced
Zack Whittaker
8:29 am PDT • May 25, 2024
pcTattletale’s website was briefly defaced and contained links containing files from the spyware maker’s servers, before going offline.
Security
US pharma giant Cencora says Americans’ health information stolen in data breach
Zack Whittaker
6:40 am PDT • May 24, 2024
About half a million patients have been notified so far, but the number of affected individuals is likely far higher.
Security
Bugcrowd, the crowdsourced white-hat hacker platform, acquires Informer to ramp up its security chops
Ingrid Lunden
4:31 am PDT • May 23, 2024
On the heels of raising $102 million earlier this year, Bugcrowd is making good on its promise to use some of that funding to make acquisitions to strengthen its security…
Featured Article
Spyware found on US hotel check-in computers
Several hotel check-in computers are running a remote access app, which is leaking screenshots of guest information to the internet.
Zack Whittaker
11:05 am PDT • May 22, 2024
AI
Bolster, creator of the CheckPhish phishing tracker, raises $14M led by Microsoft’s M12
Ingrid Lunden
7:54 am PDT • May 22, 2024
A dodgy email containing a link that looks “legit” but is actually malicious remains one of the most dangerous, yet successful, tricks in a cybercriminal’s handbook. Now, an AI startup…
Security
Conservative cell carrier Patriot Mobile hit by data breach
Lorenzo Franceschi-Bicchierai
8:22 am PDT • May 21, 2024
U.S. cell carrier Patriot Mobile experienced a data breach that included subscribers’ personal information, including full names, email addresses, home ZIP codes and account PINs, TechCrunch has learned. Patriot Mobile,…
Security
CyberArk snaps up Venafi for $1.54B to ramp up in machine-to-machine security
Ingrid Lunden
5:12 am PDT • May 20, 2024
CyberArk — one of the army of larger security companies founded out of Israel — is acquiring Venafi, a specialist in machine identity, for $1.54 billion.
Featured Article
Two Santa Cruz students uncover security bug that let anyone do their laundry for free
CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
Zack Whittaker
9:05 am PDT • May 17, 2024
Security
Healthcare company WebTPA discloses breach affecting 2.5 million people
Lorenzo Franceschi-Bicchierai
7:44 am PDT • May 17, 2024
A Texas-based company that provides health insurance and benefit plans disclosed a data breach affecting almost 2.5 million people, some of whom had their Social Security number stolen. WebTPA said…
A hacker listed the data allegedly breached from Samco on a known cybercrime forum.
Security
Ireland privacy watchdog confirms Dell data breach investigation
Lorenzo Franceschi-Bicchierai
8:33 am PDT • May 16, 2024
A top European privacy watchdog is investigating following the recent breaches of Dell customers’ personal information, TechCrunch has learned. Ireland’s Data Protection Commission (DPC) deputy commissioner Graham Doyle confirmed to…
Privacy
Flock Safety’s solar-powered cameras could make surveillance more widespread
Haje Jan Kamps
7:29 am PDT • May 16, 2024
Flock Safety is a multibillion-dollar startup that’s got eyes everywhere. As of Wednesday, with the company’s new Solar Condor cameras, those eyes are solar-powered and use wireless 5G networks to…
Security
Thoma Bravo’s LogRhythm merges with Exabeam in more cybersecurity consolidation
Paul Sawers
3:19 am PDT • May 16, 2024
Private equity giant Thoma Bravo has announced that its security information and event management (SIEM) company LogRhythm will be merging with Exabeam, a rival cybersecurity company backed by the likes…
Security
FBI seizes hacking forum BreachForums — again
Lorenzo Franceschi-Bicchierai
12:43 pm PDT • May 15, 2024
The FBI along with a coalition of international law enforcement agencies seized the notorious cybercrime forum BreachForums on Wednesday. For years, BreachForums has been a popular English-language forum for hackers…
Privacy
Google’s call-scanning AI could dial up censorship by default, privacy experts warn
Natasha Lomas
10:25 am PDT • May 15, 2024
A feature Google demoed at its I/O confab yesterday, using its generative AI technology to scan voice calls in real time for conversational patterns associated with financial scams, has sent…
Security
Google adds live threat detection and screen-sharing protection to Android
Ivan Mehta
10:00 am PDT • May 15, 2024
The company said it is increasing the on-device capability of its Google Play Protect system to detect fraudulent apps trying to breach sensitive permissions.
Apps
Apple touts stopping $1.8B in App Store fraud last year in latest pitch to developers
Natasha Lomas
10:00 am PDT • May 14, 2024
Apple released new data about anti-fraud measures related to its operation of the iOS App Store on Tuesday morning, trumpeting a claim that it stopped over $7 billion in “potentially…
Security
Threat actor scraped Dell support tickets, including customer phone numbers
Lorenzo Franceschi-Bicchierai
9:47 am PDT • May 14, 2024
The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The…
Featured Article
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.
Zack Whittaker
5:05 am PDT • May 13, 2024