The Privacy Flaw Threatening US Democracy

Without robust federal protections, the country's widespread mass surveillance systems could be used against citizens like never before.

The Twitter Whistleblower Report’s Most Damning Allegation

Peiter “Mudge” Zatko’s claims about the company’s lax security are all bad. But one clearly captures the extent of systemic issues.

Inside the World’s Biggest Hacker Rickroll

As a graduation prank, four high school students hijacked 500 screens across six school buildings to troll their classmates and teachers.

The Low Threshold for Face Recognition in New Delhi

Police in India's capital say they only require an 80 percent accuracy rate for matches, raising new alarm bells for civil liberty advocates.

Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives

Plus: The Twilio hack snags a reporter, a new tool to check for spyware, and the Canadian weed pipeline gets hit by a cyberattack.

iOS Can Stop VPNs From Working as Expected—and Expose Your Data

A security researcher claims that Apple mobile devices keep connections open if they are created before a VPN is activated.

Spyware Hunters Are Expanding Their Tool Set

This invasive malware isn’t just for phones—it can target your PC too. But a new batch of algorithms aims to weed out this threat.

How to Use Signal Encrypted Messaging

The best end-to-end encrypted messaging app has a host of security features. Here are the ones you should care about.

The Family That Mined the Pentagon's Data for Profit

The Freedom of Information Act helps Americans learn what the government is up to. The Poseys exploited it—and became unlikely defenders of transparency.

The Android 13 Privacy Settings You Should Update Now

Google’s new mobile operating system has arrived. Take back some control with these privacy and security tips.

How to Create a Secure Folder on Your Phone

Keep private photos, videos, and documents away from prying eyes.

A New Tractor Jailbreak Rides the Right-to-Repair Wave

A hacker has formulated an exploit that provides root access to two popular models of the company’s farm equipment.

Flaw in the VA Medical Records Platform May Put Patients at Risk

The Veterans Affairs’ VistA software has a vulnerability that could let an attacker “masquerade as a doctor,” a security researcher warns.

The Feds Gear Up for a Privacy Crackdown

Plus: Cisco gets hit by ransomware, Twilio gets phished, a new way to fight email spammers, and much more.

A Single Flaw Broke Every Layer of Security in MacOS

An injection flaw allowed a researcher to access all files on a Mac. Apple issued a fix, but some machines may still be vulnerable.

Zoom’s Auto-Update Feature Came With Hidden Risks on Mac

The popular video meeting app makes it easy to keep the software up to date—but it also introduced vulnerabilities.

Here’s What Trump’s ‘Nuclear Documents’ Could Be

FBI agents reportedly searched Mar-a-Lago for “nuclear documents.” That can fall into one of these four categories.

The US Offers a $10M Bounty for Intel on Conti Ransomware Gang

The State Department organization has called for people to share details about five key members of the hacking group.

Sloppy Software Patches Are a ‘Disturbing Trend’

The Zero Day Initiative has found a concerning uptick in security updates that fail to fix vulnerabilities.

Meta Just Happens to Expand Messenger’s End-to-End Encryption

The company says an expansion of privacy features in Messenger is unrelated to a high-profile Nebraska abortion case.

This Anti-Tracking Tool Checks If You’re Being Followed

The Raspberry Pi-powered device can scan for phones around you. If it keeps spotting the same one, it’ll send you an alert.

Google's Android Red Team Had a Full Pixel 6 Pwn Before Launch

Before the flagship phone ever landed in users’ hands, the security team thoroughly hacked it by finding bugs and developing exploits.

A Long-Awaited IoT Reverse Engineering Tool Is Finally Here

Ten years after it was first unveiled, the powerful firmware analysis platform Ofrak is now available to anyone.

The Hacking of Starlink Terminals Has Begun

It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.

One of 5G’s Biggest Features Is a Security Minefield

New research found troubling vulnerabilities in the 5G platforms carriers offer to wrangle embedded device data.

Big Takeaways From the FBI's Mar-a-Lago Raid

The fact that a search of Donald Trump's Florida home was even necessary says a lot.

Will Europe Force a Facebook Blackout?

Regulators are close to stopping Meta from sending EU data to the US, bringing a years-long privacy battle to a head.

GitHub Moves to Guard Open Source Against Supply Chain Attacks

The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects.

A Phone Carrier That Doesn’t Track Your Browsing or Location

The new Pretty Good Phone Privacy service for Android hides the data linking you to your mobile device.

How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

Whether you want to turn off link previews or block unwanted FaceTime calls, here's what you need to know.

The US Emergency Alert System Has Dangerous Flaws

Plus: A crypto-heist extravaganza, a peek at an NSO spyware dashboard, and more.

An ISP Settled Piracy Lawsuits. Could Users Take the Hit?

Now that Charter has reached settlements with major record labels, it’s unclear whether the cable provider will pull the plug on users who pirate music.

A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years

The exposure of cryptographically scrambled passwords isn’t a worst-case scenario—but it isn’t great, either.

All the Data Amazon's Ring Cameras Collect About You

The popular security devices are tracking (and sharing) more than you might think.

An Attack on Albanian Government Suggests New Iranian Aggression

A Tehran-linked hack of a NATO member marks a significant escalation against the backdrop of US-Iran nuclear talks.

The Microsoft Team Racing to Catch Bugs Before They Happen

What's it like to be responsible for a billion people's digital security? Just ask the company's Morse researchers.

A New Attack Easily Knocked Out a Potential Encryption Algorithm

SIKE was a contender for post-quantum-computing encryption. It took researchers an hour and a single PC to break it.

Bitcoin Fog Case Could Put Cryptocurrency Tracing on Trial

Roman Sterlingov, accused of laundering $336 million, is proclaiming his innocence—and challenging a key investigative tool.

Apple Just Patched 39 iPhone Security Bugs

Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.

You Pay More When Companies Get Hacked

Plus: Google delays the end of cookies (again), EU officials were targeted with Pegasus spyware, and more of the top security news.

How Tor Is Fighting—and Beating—Russian Censorship

Russia has been trying to block the anonymous browser since December—with mixed results.

Don’t Call the New Federal Gun Law a Gun Law

Democratic senators lacked actionable gun data for their negotiations—so they passed mental health reform instead.

Russia Is Quietly Ramping Up Its Internet Censorship Machine

Since Vladimir Putin blocked Facebook, Instagram, and Twitter in March, Russia has been pushing away from the global internet at a rapid pace.

Interstate Travel Post-Roe Isn’t as Secure as You May Think

Despite the DOJ vowing to protect people's ability to travel out of state for abortion care, legal experts warn not to take that freedom for granted.

How to Safely Lend Someone Else Your Phone

The next time someone wants to borrow your device to make a call or take a picture, take these steps to protect your privacy.

The January 6 Secret Service Text Scandal Turns Criminal

Plus: The FCC cracks down on car warranty robocalls, Thai activists get targeted by NSO's Pegasus, and the Russia-Ukraine cyberwar continues.

The Unsolved Mystery Attack on Internet Cables in Paris

As new details about the scope of the sabotage emerge, the perpetrators—and the reason for their vandalism—remain unknown.

The 2022 US Midterm Elections' Top Security Issue: Death Threats

While cybersecurity and foreign meddling remain priorities, domestic threats against election workers have risen to the top of the list.

Congress Might Pass an Actually Good Privacy Bill

A bill with bipartisan support might finally give the US a strong federal data protection law.

The DHS Bought a ‘Shocking Amount’ of Phone-Tracking Data

The ACLU released a trove of documents showing how Homeland Security contracted with surveillance companies to scour location information.

The Most Popular Period-Tracking Apps, Ranked by Data Privacy

Under increased scrutiny, certain period-tracking apps are seeing a surge of new users. Which are as safe as they claim to be?

Instagram Slow to Tackle Bots Targeting Iranian Women’s Groups

Despite alerting Meta months ago, feminist groups say tens of thousands of fake accounts continue to bombard them on the platform.

Amazon Handed Ring Videos to Cops Without Warrants

Plus: A wild Indian cricket scam, an elite CIA hacker is found guilty of passing secrets to WikiLeaks, and more of the week's top security news.

A New Attack Can Unmask Anonymous Users on Any Major Browser

Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations.

A Privacy Panic Flares Up in India After Police Pull Payment Data

Nonprofit donors had their information given to law enforcement without consent, highlighting limited data protections in the world’s largest democracy.

The January 6 Insurrection Hearings Are Just Heating Up

The US House committee has already uncovered a more organized and sinister plot than many imagined. But history suggests the worst may be yet to come.

Russian ‘Hacktivists’ Are Causing Trouble Far Beyond Ukraine

The pro-Russian group Killnet is targeting countries supporting Ukraine. It has declared "war" against 10 nations.

Chinese Police Exposed 1B People's Data in Unprecedented Leak

Plus: A duplicitous bug bounty scheme, the iPhone's new “lockdown mode,” and more of the week's top security news.

Will These Algorithms Save You From Quantum Threats?

Quantum-proof encryption is here—decades before it can be put to the test.