Peloton’s Leaky API Spilled Riders’ Private Data
On top of the privacy spill, Peloton is also recalling all treadmills after the equipment was linked to 70 injuries and the death of one child.
Featured news
New Crypto-Stealer ‘Panda’ Spread via Discord
PandaStealer is delivered in rigged Excel files masquerading as business quotes, bent on stealing victims’ cryptocurrency and other info.
Anti-Spam WordPress Plugin Could Expose Website User Data
‘Spam protection, AntiSpam, FireWall by CleanTalk’ is installed on more than 100,000 sites — and could offer up sensitive info to attackers that aren’t even logged in.
Raft of Exim Security Holes Allow Linux Mail Server Takeovers
Remote code execution, privilege escalation to root and lateral movement through a victim’s environment are all on offer for the unpatched or unaware.
Related Content
Latest news
‘Freevaccinecovax.org’ claimed to be that of a biotech company but instead was stealing info from visitors to use for nefarious purposes.
The never-seen malware strains have "professionally coded sophistication" and were launched by a well-resourced APT using nearly 50 domains, one hijacked.
The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to China, to attack U.S. defense targets among others.
On Monday, Apple released a quartet of unscheduled updates for iOS, macOS, and watchOS, slapping security patches on flaws in its WebKit browser engine.
The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tablets and notebooks shipped since 2009.
Most popular
-
New Buer Malware Downloader Rewritten in E-Z Rust Language
-
Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs
-
Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices
-
Deepfake Attacks Are About to Surge, Experts Warn
-
Sneakers, Gaming, Nvidia Cards: Retailers Can Stop Shopping Bots
Most Recent ThreatLists
-
Bait Boost: Phishers Delivering Increasingly Convincing Lures
-
Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware
-
QR Codes Offer Easy Cyberattack Avenues as Usage Spikes
-
COVID-Related Threats, PowerShell Attacks Lead Malware Surge
-
80% of Global Enterprises Report Firmware Cyberattacks
PodcastsView all
Spotlight on Cybercriminal Supply Chains
In this Threatpost podcast Fortinet’s top researcher outlines what a cybercriminal supply chain is and how much the illicit market is worth.
Podcast: Microsoft Exchange Server Attack Onslaught Continues
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
Podcast: Ransomware Attacks Exploded in Q4 2020
Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor.
Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers.
Emotet’s Takedown: Have We Seen the Last of the Malware?
A week after law enforcement agencies said they took down Emotet, there has been no sign of the prolific malware.
Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’
Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in.
CISOs Prep For COVID-19 Exposure Notification in the Workplace
Security teams are preparing for the inevitable return to the workplace – and the privacy implications of exposure notification apps that companies may need to adopt.
A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets
Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021.
Simplifying Proactive Defense With Threat Playbooks
FortiGuard Labs’ Derek Manky talks about how threat playbooks can equip defense teams with the tools they need to fight back against evolving attacker TTPs.
VideosView all
National Surveillance Camera Rollout Roils Privacy Activists
TALON, a network of smart, connected security cameras developed by the Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.
Malware Gangs Partner Up in Double-Punch Security Threat
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
How Email Attacks are Evolving in 2021
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks
Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.
Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares
From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.
How the Pandemic is Reshaping the Bug-Bounty Landscape
Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.
Experts Weigh in on E-Commerce Security Amid Snowballing Threats
How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.
Cybercriminals Step Up Their Game Ahead of U.S. Elections
Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.
A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return
During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo, with Proofpoint, about Emotet’s recent return -and how a cyber vigilante is attempting to thwart the malware’s comeback.
SlideshowView all
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
Top Mobile Security Stories of 2019
Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
Biggest Malware Threats of 2019
2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.
Top 10 IoT Disasters of 2019
From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.