An investigation by AdGuard, an ad-blocking platform, has revealed a common link between several Chrome and Firefox extensions and Android & iOS apps that were caught collecting highly personal user data through various shady tactics.
Finnish-based fitness tracking app Polar has temporarily disabled its global activity map feature after last week journalists used it to track down the real-world identities of military and intelligence personnel.
In a 747-page document provided to the US House of Representatives' Energy and Commerce Committee on Friday, Facebook admitted that it granted special access to users' data to 61 tech companies.
Four academics from the Technical University in Dresden, Germany (TU Dresden) have created an app that detects and masks the hidden dot patterns that laser color printers secretly hide on all printed documents.
Apple's macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts.
Public record documents obtained from two US states reveal that Amazon has entered the surveillance market, where it's been silently advertising its facial recognition software to law enforcement agencies.
A team of nine academics is warning the world about a critical vulnerability in the OpenPGP and S/MIME email encryption tools. The flaw, if exploited, allow an attacker to decrypt sent or received messages, according to the researcher team.
A prodigious 18-year-old bug hunter from Chicago has discovered and reported a critical vulnerability in a LinkedIn social button that could have been abused to harvest LinkedIn user information, some of which may not have been public.
Software developer Marco Chiappetta has built a Google Chrome extension that can detect attempts to fingerprint text using the "zero-width character" technique.
Around 20% of today's top VPN solutions are leaking the customer's IP address via a WebRTC bug known since January 2015, and which apparently some VPN providers have never heard of.
Several Facebook users who downloaded an archive of their Facebook data in the wake of the Facebook-Cambridge Analytica scandal discovered this week that the social network's mobile applications have been recording —in some cases— much more information than most people were expecting.
Starting with Firefox 60 —expected to be released in May 2018— websites won't be able to use Firefox to access data from sensors that provide proximity distances and ambient light information.
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image.
Strava, a fitness tracking application that logs users' movements as they cycle, surf, or jog, has accidentally exposed or confirmed the location of various military bases and facilities all over the world.
The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders.
Two security researchers —Vangelis Stykas and Michael Gruhn— have published a report on a series of vulnerabilities that they named "Trackmageddon" that affect several GPS and location tracking services.
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain.
For the second year in a row, "123456" remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers.