An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and--worst of all--malware designed to infect users' computers. Researchers at WordFence went public about how hackers are exploiting a zero...

Security researchers at Palo Alto Networks have discovered a new malware threat that targets Macs in what appears to be a sophisticated attempt to raid cryptocurrency wallets. The malware, which researchers have dubbed CookieMiner, has a variety of weapons in its armory that could make it particularly worrisome for cryptocurrency investors. According to...

Toyota Boshoku, a seating and interiors supplier for Toyota cars, has revealed that it was tricked into moving a large amount of money into a bank account controlled by scammers. In a statement published on its global website, Toyota Boshoku Corporation said that its European subsidiary was duped into transferring approximately four billion yen (over US...

TechCrunch reports that a security researcher stumbled across an exposed server on the internet containing databases with a total of more than 419 million records related to Facebook users. According to TechCrunch's reporting, each database record contains a user's unique Facebook account ID (from which it's possible to determine a user name) and phone...

It's no secret that there are a lot of websites on the internet hosting malicious content whether they be phishing pages, scams or malware itself. Every day we hear of new attacks, there's a common denominator of either a user having clicked on a link to a fraudulent website or a site having played host to code that pulled a malicious payload down from...

A biometrics system used to secure more than 1.5 million locations around the world - including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE - has suffered a major data breach, exposing a huge number of records. South Korean firm Suprema runs the web-based biometric access platform BioStar 2, but left...

Binance, one of the world's largest cryptocurrency exchanges, has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers. And in an attempt to identify its blackmailer, Binance has put a 25 Bitcoin (approximately US $290...

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security -- specifically the weak points -- of its internal network. Security researcher Justin Paine discovered the sensitive information after scouring the internet with Shodan, a specialist search engine which can be used to find exposed internet...

The FBI has arrested a 33-year-old software engineer in Seattle as part of an investigation into a massive data breach at financial services company Capital One. Paige A. Thompson, also known by the online handle "erratic," has been charged with one count of computer fraud and abuse, after an investigation uncovered that a hacker had broken into cloud...

Two years after the WannaCry ransomware outbreak shone a light on the computer security of the UK's National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2,300 PCs running the outdated operating system. The worrying statistic came to light in the response to a parliamentary...

Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge. The Apple Watch feature at the heart of the problem is Apple's Walkie-Talkie app which allows users to "push to talk" with other Apple Watch owners via a...

The New York State Legislature recently passed a bill that aims to protect New York residents, regardless of the location of the business. The law, known as the Stop Hacks and Improve Electronic Data Security (SHIELD) Act is designed to address unauthorized access of data. The bill expands the definition of “Breach of the security of the system” by...

What's happened? British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen. 183 million quid!? That sounds huge! Yes, it's the biggest fine ever handed out by the UK's Information Commissioner's Office (ICO). In...

European police have arrested six people as part of an investigation into a theft which saw €24 million (US $27 million) stolen from users of cryptocurrency exchange. In a press release, Europol described how five men and one woman were simultaneously arrested on Tuesday morning at the homes of the suspects in Charlcombe, Lower Weston and Staverton (UK)...

Cybercriminals have learnt something very valuable in the last couple of weeks: in order to regain access to their data, cities in Florida are prepared to pay out huge Bitcoin ransoms to hackers. Less than a week after the city of Riviera Beach, 80 miles from Miami, unanimously voted to pay US $600,000 worth of Bitcoins to an extortionist who had locked...

An attack which targeted users of the Telegram app on Wednesday might be linked to protests in Hong Kong that turned violent. That's one of the theories in circulation, after a distributed denial-of-service (DDoS) attack disrupted legitimate access to the Telegram secure messaging app by swamping it with "garbage requests." Pitched battles broke out in...

In a "preliminary statement" published on its blog on Thursday, cryptocurrency wallet service GateHub has warned that over 100 customers have had their ledger wallets hacked and funds stolen. Dear Valued Customers, Recently, we have been notified by our customers and community members about funds on their XRP Ledger wallets being stolen and immediately...

Security researchers have discovered a new strain of malware called "HiddenWasp" that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. According to a blog post by researchers at Intezer, the malware borrows from existing malware code publicly available on the internet including the...

A security researcher has discovered a publicly-accessible database containing the details of millions of Instagram users, including their contact information. As TechCrunch reports, Anurag Sen discovered the database of more than 49 million records - exposed for anyone to access via the internet, no password required, on an unprotected Amazon Web...

The notorious Magecart malware, that blights online stores by stealing payment card details from unsuspecting shoppers at checkout, has claimed another high profile victim. Security researcher Troy Mursch raised the alarm on Twitter that the Forbes magazine subscription website had been compromised with malicious code that was siphoning off sensitive...