Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of people, leaving them vulnerable to scams, identity theft, and other crimes, ...

What’s a browser-in-browser attack? The key traits to know

This dirty hack can trick people into accidentally sharing sensitive info—like Facebook login credentials. Here’s how to ...

New Windows Flaw Lets Attackers Bypass Mark of the Web

Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against ...

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...

Malware control panels could give experts the tools they need to spy on hackers

Cybersecurity researchers have managed to break into the web-based control panel for the StealC infostealer and gain valuable ...