Facebook is again in hot water after an article alleged it struck deals with device-makers to access users’ data.

Fortune 500 breaches seem to be a theme this week.

Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly evolved just in the past month.

An array of malicious Android apps purporting to be popular game Fortnite are instead harvesting call logs and downloading cryptomining malware.

Samsung updates S9, Note 8 and S8 phones with 27 patches from a RCE bug to a patch that prevents an ancient peek-and-poke attack first identified in 1980s.

An attacker can gain man-in-the-middle access to inject a rogue executable file onto the phone.

The flaws would leave the enterprise devices helpless to a range of remote threats, including the charms of the Reaper IoT botnet.

Florida-based phone maker BLU is facing an FTC complaint over allegations it shared detailed personal user data with a third-party firm that included full text messages, call logs and contact lists.

Secure-messaging firm Signal was told by Amazon not to use its AWS servers for domain-fronting, a technique used to enable communications in countries such as Egypt, Oman, Qatar and UAE where the service is banned.

Threatpost talks to crypto expert Nate Cardozo, senior staff attorney with the Electronic Frontier Foundation at RSA Conference 2018 about the U.S. government’s current position on device encryption and law enforcement’s use of iPhone passcode cracker called GreyKey.