Mobile apps leak personal data via insecure ads that transmit ad-targeting data insecurely.

Researchers said three apps used to surveil Middle East targets were booted from the Google Play marketplace.

Intel said it is lights out for its Remote Keyboard app just as security researchers find three vulnerabilities that let local attackers inject keystrokes in sessions.

Google updates its Android OS to address its own OS and component partners Qualcomm and Broadcom.

Clouldflare launches DNS-over-HTTPS service called 1.1.1.1 that it says will be a “privacy-first” DNS service for consumers.

Under Armour is getting kudos for disclosing breach within weeks, but concerns remain over an unknown portion of credentials reportedly stored using the weak SHA-1 hashing function.

Apple has confirmed a privacy bug in it iPhone that allows the Siri voice assistant to read out messages from locked screens – even if the messages are hidden.

Popular secure messaging service Telegram loses battle with Russian courts and now must hand over encryption keys or face being blocked from the country.

Security community takes a critical look at CTS-Labs’ disclosure of vulnerabilities in AMD vulnerabilities found in EPYC servers, Ryzen workstationsm and Ryzen mobile offerings.

Lookout researchers discussed Dark Caracal’s implications for APT actors in the mobile space and why its now a juicy target.