A database containing the phone numbers of more than half a billion Facebook users is being freely traded online, and Facebook is trying to pin the blame on everyone but themselves.

The cell-phone number of Facebook CEO Mark Zuckerberg is among the personal information leaked online in a low-level hacking forum, according to a researcher. Multiple outlets reported the claims about Zuckerberg's leaked personal information. Data including his name, location, and marriage details, birth date, and Facebook user ID was exposed, The Sun stated.

Apple today has stopped signing iOS 14.4.1, which means that users who have updated their device to iOS 14.4.2 can no longer downgrade. This follows Apple’s release of iOS 14.4.2 one week ago, which included an important security fix.

Merely weeks after releasing out-of-band patches for iOS, iPadOS, macOS and watchOS, Apple has issued yet another security update for iPhone, iPad, and Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild.

A team of advanced hackers exploited no fewer than 11 zero-day vulnerabilities in a nine-month campaign that used compromised websites to infect fully patched devices running Windows, iOS, and Android, a Google researcher said.

Many websites have a robots.txt, a plain-text file that tells search engines to ignore certain files and folders on the site. Security.txt is a proposed standard to do likewise with security polici…

HTTP is fundamental to modern development, from frontend to backend to mobile. But like any widespread mature standard, it's got some funky skeletons in the closet.

The foreign signals intelligence agency has put Canadians' privacy at risk in a growing number of incidents and then falls short in making sure that information is contained, says a newly published report from the intelligence watchdog.

[German]The forum of Windows tool developer IOBit was hacked over the weekend. The aim of the hack was to distribute the DeroHE ransomware to forum visitors.

The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.

Google makes its money from being the world's middle man for online advertising. It's kind of a tech company too, but in a good-enough sort of way rather than the "hey, we invented the transistor" sort of way. It doesn't do anything nobody else can do, except leverage its search dominance into advertising dominance.

The US Federal Bureau of Investigation says pranksters are hijacking weakly-secured smart devices in order to live-stream swatting incidents. "Recently, offenders have been using victims' smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks," the FBI said in a public service announcement published today.

One of the great threats to our civilization is space weather. Specifically, the Sun's proven ability to target the planet with a tremendous cosmic belch of radiation, knocking out satellites, power grids, and networks worldwide.

Internet domain company GoDaddy used a holiday bonus notification to test employees on email phishing scams, after workers had already been told they would not receive a bonus this year. The email to all staff, obtained by NBC affiliate KPNX in Arizona, was sent on Dec. 14 and read: "Happy Holiday GoDaddy! 2020 has been a record year for GoDaddy, thanks to you!"

Things were touch-and-go for a while, but it looks like Let's Encrypt's transition to a standalone certificate authority (CA) isn't going to break a ton of old Android phones. This was a serious concern earlier due to an expiring root certificate, but Let's Encrypt has come up with a workaround.

The U.S. cybersecurity agency said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.

Thousands of companies and governments are racing to discover whether they have been hit by the Russian hackers who reportedly infiltrated several US government agencies. The initial breach, reported on December 13, included the Treasury as well as the Departments of Commerce and Homeland Security. But the stealthy techniques the hackers used mean it could take months to identify all their victims and remove whatever spyware they installed.

WhatsApp leads the messaging world—with more than two billion users now sending 100 billion messages each day. The Facebook-owned platform popularized the idea that secure messaging could be simple and universal. But, as good as that security might be, it’s not enough—and we have seen news this week that should serve as a serious warning that there’s more you must do to keep your WhatsApp account secure.

Hackers who breached federal agency networks through software made by SolarWinds appear to have conducted a test run of their broad espionage campaign last year, sources with knowledge of the operation said.