Alanna Titterington

A security researcher has investigated his own smart mattress cover, discovering several ways to hack it — including through a backdoor preinstalled by the developer.

A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.

The recent leak at major location-data broker, Gravy Analytics, shines a light on the implications of mass location-data collection.

We look at the most notable supply-chain attacks of 2024.

$3 billion worth of damage to healthcare insurance giant, schools closed, soccer club players’ data leaked, and other ransomware incidents in 2024.

We discuss the recently discovered Nearest Neighbor attack method, which enables attackers to compromise a Wi-Fi network from the other side of the world.

A detailed guide to configuring privacy settings in the ASICS Runkeeper running app.

A detailed guide on setting up privacy in the adidas Running app.

A detailed guide to configuring privacy settings in the MapMyRun fitness tracker.

This guide will walk you through the essential privacy settings in the Nike Run Club training app.

Want to keep your runs, rides, and hikes private on Strava? This guide will walk you through the essential privacy settings in this popular fitness app.

Recent research describes a method for snooping on what Apple Vision Pro users enter on the virtual keyboard.

The U.S. National Institute of Standards and Technology (NIST) has issued the first post-quantum encryption standards — FIPS 203, FIPS 204, and FIPS 205.

Researchers have discovered several potential attack vectors targeting bicycles fitted with Shimano Di2 wireless gear-shifting system.

In the wake of Google and Facebook, Mozilla has introduced its own technology for replacing third-party cookies: let’s take a look at how privacy-preserving attribution works.

Fraudsters are using AI-generated digital clones to bypass Know Your Customer (KYC) procedures and open money laundering accounts.

Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.

The masterminds behind the colossal botnet encompassing 19 million IP addresses used free VPN services as bait to lure unsuspecting users.

A zero-day vulnerability actively exploited by attackers has been discovered in Internet Explorer — the browser that Microsoft supposedly laid to rest over a year ago.

The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.