Tag: phone
-
WhatsApp API flaw let researchers scrape 3.5 billion accounts
Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API that lacked rate limiting. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-api-flaw-let-researchers-scrape-35-billion-accounts/
-
WhatsApp API flaw let researchers scrape 3.5 billion accounts
Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API that lacked rate limiting. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-api-flaw-let-researchers-scrape-35-billion-accounts/
-
FCC reversal removes federal cyber safeguards targeting telecom weaknesses post-Salt Typhoon attacks
Tags: access, at&t, attack, breach, ceo, china, communications, control, country, cyber, cyberattack, cybersecurity, exploit, government, group, hacker, intelligence, law, mobile, network, phone, router, threatSalt Typhoon still reverberating: Salt Typhoon impacted major carriers including AT&T, Charter Communications, Consolidated Communications, Lumen Technologies, T-Mobile, Verizon, and Windstream. But law enforcement and intelligence agencies caution that its impact is far more widespread, exposing at least 200 US organizations, plus entities in 80 other countries.According to federal investigations, the attack allowed the Chinese…
-
Despite Chinese hacks, Trump’s FCC votes to scrap cybersecurity rules for phone and internet companies
Two Trump-appointed FCC officials voted to undo the telecom industry’s cybersecurity rules. One Democratic commissioner dissented, saying the decision leaves the United States “less safe” at a time when threats are increasing. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/21/despite-chinese-hacks-trumps-fcc-votes-to-scrap-cybersecurity-rules-for-phone-and-internet-companies/
-
New Android malware can capture private messages, researchers warn
The malware can monitor everything displayed on a phone in real time, including contacts, full message threads and the content of encrypted chats, by accessing data after it has been decrypted by legitimate apps. First seen on therecord.media Jump to article: therecord.media/new-android-malware-captures-private-messages
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
‘Largest Data Leak in History’: WhatsApp Flaw Exposed Billions of Users
Austrian researchers used a WhatsApp contact-lookup flaw to map 3.5 billion phone numbers, revealing how basic metadata can build a directory of accounts. The post ‘Largest Data Leak in History’: WhatsApp Flaw Exposed Billions of Users appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-flaw-exposed-billions-users/
-
DoorDash confirms data breach affecting users’ phone numbers and physical addresses
The delivery giant said “no sensitive information” was accessed, and did not specify the number of customers, delivery workers, and merchants who were affected by the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
-
WhatsApp Screen-Sharing Scam: How Attackers Are Deceiving Users to Expose Sensitive Information
Scams and threats circulating on messaging apps like WhatsApp demonstrate how easily trusted platforms can be weaponized against users. One deceptive tactic gaining traction involves tricking people into sharing their phone screens during WhatsApp video calls. The screen-sharing feature, available since 2023, is increasingly being turned against users to steal data, identities, and money. Cases…
-
WhatsApp Screen-Sharing Scam: How Attackers Are Deceiving Users to Expose Sensitive Information
Scams and threats circulating on messaging apps like WhatsApp demonstrate how easily trusted platforms can be weaponized against users. One deceptive tactic gaining traction involves tricking people into sharing their phone screens during WhatsApp video calls. The screen-sharing feature, available since 2023, is increasingly being turned against users to steal data, identities, and money. Cases…
-
A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers
By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever”, along with profile photos and more. First seen on wired.com Jump to article: www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/
-
DoorDash Confirms Data Breach Exposing Customer Personal Information
DoorDash has confirmed an October 2025 data breach that exposed customer names, phone numbers, addresses and email details First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/doordash-confirms-data-breach/
-
The Battle Over The Search of a Cell Phone Feds v. Locals
As state and federal authorities seek broad access to a seized phone, a Virginia prosecutor argues for narrowly tailored digital searches, a clash that could redefine Fourth Amendment protections for modern devices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-battle-over-the-search-of-a-cell-phone-feds-v-locals/
-
The Battle Over The Search of a Cell Phone Feds v. Locals
As state and federal authorities seek broad access to a seized phone, a Virginia prosecutor argues for narrowly tailored digital searches, a clash that could redefine Fourth Amendment protections for modern devices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-battle-over-the-search-of-a-cell-phone-feds-v-locals/
-
Surveillance tech provider Protei was hacked, its data stolen, and its website defaced
The defacement of Protei’s website said “another DPI/SORM provider bites the dust,” apparently referring to the company selling its web intercept and surveillance products to phone and internet providers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/17/surveillance-tech-provider-protei-was-hacked-its-data-stolen-and-its-website-defaced/
-
DoorDash confirms data breach impacting users’ phone numbers and physical addresses
The delivery giant said “no sensitive information” was accessed, and did not specify the number of customers, delivery workers, and merchants who were impacted by the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
-
Surveillance tech provider Protei was hacked, its data stolen and its website defaced
The defacement of Protei’s website said “another DPI/SORM provider bites the dust,” apparently referring to the company selling its web intercept and surveillance products to phone and internet providers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/17/surveillance-tech-provider-protei-was-hacked-its-data-stolen-and-its-website-defaced/
-
MI5 made multiple applications for phone data to identify BBC journalist’s sources
MI5 discloses it made and authorised unlawful ‘sequential applications’ for Vincent Kearney’s phone data during his time at the BBC, but will neither confirm nor deny whether it undertook further ‘lawful’ surveillance of BBC journalists First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634439/MI5-made-multiple-applications-for-phone-data-to-identify-BBC-journalists-sources
-
North Korean spies turn Google’s Find Hub into remote-wipe weapon
KONNI espionage crew covertly abused Google’s Find My Device feature to remotely factory-reset Android phones First seen on theregister.com Jump to article: www.theregister.com/2025/11/11/north_korean_spies_turn_googles/
-
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
North Korea-linked APT Konni posed as counselors to steal data and wipe Android phones via Google Find Hub in Sept 2025. Genians Security Center researchers warn that the North Korea-linked Konni APT group (aka Kimsuky, Earth Imp, TA406, Thallium, Vedalia, and Velvet Chollima) posed as counselors to hack Android and Windows, stealing data and wiping phones…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
German healthcare aims to replace faxes and phones with secure messaging
Germany’s digital health agency, Gematik, has turned to open source for secure messaging services that will link patients, doctors and pharmacies First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634180/German-healthcare-aims-to-replace-faxes-and-phones-with-secure-messaging
-
LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images
Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now. First seen on hackread.com Jump to article: hackread.com/landfall-spyware-samsung-galaxy-malicious-images/