A data breach reveals the spyware is built by a Polish developer
The vulnerability — now fixed — was discovered in a cloud-based system that allows customers to remotely manage their security alarm systems.
The hackers responsible for exploiting a flaw to target users of a popular file transfer tool has begun listing victims of the mass-attacks
Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations.
Hackers stole another half a million people’s personal and health information during a ransomware attack on a technology vendor earlier this year.
Intellihartx, a Tennessee-based company that handles patient payment balances and collections, said in a notice filed with the Maine attorney general’s office that 489,830 patients had information stolen in the cyberattack targeting its vendor, Fortra.
The malware-infected AllWinner and RockChip-powered Android TV models are still available to purchase on Amazon.
Apple has fixed the three exploits used to deploy the Pegasus spyware, which did not require any interaction from the target.
One of the hackers who breached Western Digital provided some details about the hack, the data stolen, and what the hackers are demanding.
Researchers found malware developed by QuaDream, a little-known government spyware maker, which was used against journalists and politicians.
The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked.
The City of Toronto told TechCrunch in a revised statement on March 23: “Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The access is limited to files that were unable to be processed through the third party secure file transfer system.”
The startup shared millions of patients' personal information and health data with Google, Facebook, and TikTok.
A security researcher told TechCrunch that a government server was exposing military emails to the internet because no password was set.
This is the second breach to hit Mailchimp in six months. It also appears to be almost identical to a previous incident.
year after it was banned by the Federal Trade Commission, a notorious phone surveillance company is back in all but name, a TechCrunch investigation has found.
A groundbreaking FTC order in 2021 banned the stalkerware app SpyFone, its parent company Support King, and its chief executive Scott Zuckerman from the surveillance industry. The order, unanimously approved by the regulator’s five sitting commissioners, also demanded that Support King delete the phone data it illegally collected and notify victims that its app was secretly installed on their device.
A cybercriminal group has compromised a media content provider to deploy malware on the websites of hundreds of news outlets in the U.S. according to cybersecurity company Proofpoint.
Leaked data obtained by TechCrunch reveals the notorious network of Android spyware apps tracked locations and recorded calls of Americans.
Cloud giant DigitalOcean says that some customers’ email addresses were exposed because of a recent “security incident” at email marketing company Mailchimp. In a scant blog post dated August 12, just two days after the company’s co-founder and long-time CEO Ben Chestnut stepped down, Mailchimp said a recent but undated attack saw threat actors targeting […]
Lockdown Mode is a new Apple feature you should hope you’ll never need to use. But for those who do, like journalists, politicians, lawyers and human rights defenders, it’s a last line of defense against nation-state spyware designed to punch through an iPhone’s protections. The new security feature was announced earlier this year as an […]
Apple has released a silent update for Mac users removing a vulnerable component in Zoom, the popular video conferencing app, which allowed websites to automatically add a user to a video call without their permission. The Cupertino, Calif.-based tech giant told TechCrunch that the update — now released — removes the hidden web server, which […]
The Russia-linked ransomware gang demanded $20 million in ransom — and the overthrow of Costa Rica's elected government. Where does that leave smaller, equally vulnerable nation states?
