Adobe fixed critical vulnerabilities in Adobe Flash Player and Creative Cloud as part of its regularly scheduled May Security Bulletin, on Tuesday.

Tech-support scams took off during the year, while whaling/business email compromise was the main threat, accounting for losses of more than $675 million.

A rapidly swelling botnet of Twitter accounts advertising “adult dating”-themed scam websites has at least 80,000 nodes to date.

A glitch caused Twitter passwords to be stored in plain text on an internal log.

Bad actors are leveraging the critical Drupal vulnerability to install cryptomining malware on servers and browsers,

Facebook hopes to improve data privacy with a new feature letting users flush their history so that it is cleared from their account.

Exploitation can result in hackers gaining access to full browsing histories and all of the user’s internet activities.

Twitter is the latest company to face backlash for how it handles data privacy after disclosing that it sold data access to a Cambridge Analytica-linked researcher.

Default configuration of WD’s My Cloud storage device keeps port open for unprivileged data exfiltration within a network.

Webstresser[.]org, a DDoS-for-hire market believed to be behind at least 4 million cyberattacks around the world, has served up its last internet-paralyzing traffic tsunami.