hacking

https://www.theverge.com/2018/12/10/18134541/google-plus-privacy-api-data-leak-developers

the new vulnerability impacted 52.5 million users, who could have had profile information like their name, email address, occupation, and age exposed […] even if their account was set to private.

https://securelist.com/darkvishnya/89169/

https://techcrunch.com/2018/12/05/australia-rushes-its-dangerous-anti-encryption-bill-into-parliament/

https://blog.quora.com/Quora-Security-Update

We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party.

https://techcrunch.com/2018/11/30/starwood-hotels-says-500-million-guest-records-stolen-in-massive-data-breach/

contained a guest’s name, postal address, phone number, date of birth, gender, email address, passport number, […] arrival and departure information, reservation date […]

https://www.theverge.com/2018/11/16/18098286/vovox-security-breach-two-factor-authentication-2fa-codes-exposed

anyone could have monitored a near-real-time data stream to find the relevant two-factor authentication code sent after trying to log into someone else’s account.

https://techcrunch.com/2018/11/13/facebook-bug-website-leak-likes-interests-profile/

The vulnerability exposed the user and their friends’ interests, even if their privacy settings were set so that interests were only visible to the user’s friends

https://techcrunch.com/2018/11/08/security-flaw-in-dji-apps-exposed-accounts-to-hackers-and-drone-live-feeds/

It took about six months for popular consumer drone maker DJI to fix a security vulnerability across its website and apps

https://www.zdnet.com/article/hackers-breach-statcounter-to-hijack-bitcoin-transactions-on-gate-io-exchange/

https://www.technologyreview.com/s/612375/using-wi-fi-to-see-behind-closed-doors-is-easier-than-anyone-thought/

With nothing but a smartphone and some clever computation, researchers can exploit ambient signals to track individuals in their own homes.