Alanna Titterington

By hijacking domains with CNAME records and exploiting forgotten SPF records, attackers seize domains and use them for their own purposes.

How hackers exploit chatbot features to restore encrypted chats from OpenAI ChatGPT, Microsoft Copilot, and most other AI chatbots.

Commercial spyware — what it is, how it infiltrates devices, what it can do once inside, and how to defend against it.

SIM swap fraud is back in vogue. We explain what it is, the danger it poses to organizations, and how to guard against such attacks.

What’s the easiest way to hack a WPA2-protected wireless network? Using PMKID interception. Here’s how it works, and what you can do to protect yourself.

We explain what a pig butchering scam is: how it works, why it’s dangerous, and how to protect yourself from it.

VoltSchemer attacks on wireless Qi chargers using modified power sources can “fry” smartphones and other devices, as well as issue commands to voice assistants.

A look at the biggest ransomware attacks of 2023.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

Time to update Fortra GoAnywhere MFT: an exploit has been developed for a critical vulnerability that allows attackers to bypass authentication and create admin accounts.

Facebook now collects your link history and uses it to show targeted ads. Here’s how to disable this “handy” feature.

Ethical hackers told 37C3 how they found a few eye-openers while breaking DRM to fix trains.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

What’s the principle of least privilege, why’s it needed, and how does it help secure corporate information assets?

Attackers are hijacking hotel accounts on Booking.com, and stealing their clients’ banking data through its internal messaging system.

How malicious extensions steal cryptocurrency, hijack accounts in games and social networks, manipulate search results, and display intrusive ads.

Android 13 and 14 have a feature called Restricted Settings. We explain its purpose, and how malicious applications bypass it.

Typical security issues of WordPress, and how they can be addressed to protect your website or online store from cybercriminals.

The Nothing Chats app from Nothing Phone promised to be the iMessage for Android, but in less than 24 hours it was removed from Google Play due to a shocking lack of security.

How attackers use infected archives and malicious browser extensions to steal Facebook Business accounts.

We discuss what zero-click attacks are, why they’re dangerous, and how to protect your company from them.