Security news aggregator

Latest coverage for Social Media

Covers how social media can expose personal data, spread scams, enable account takeover, and provide channels for influence or abuse.

895 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Social media comprises online services where people and organizations publish content, communicate, and form networks. The term covers public posts, private messages, groups, live streams, advertising systems, and the APIs and third-party applications that process platform data.

For security teams, these platforms expose identity, relationship, and behavioral information that can support targeted phishing, impersonation, or social engineering. Compromised accounts may be used to distribute malicious links or fraud, while excessive sharing and poorly controlled integrations can expose personal or corporate data. Relevant controls include strong authentication, phishing-resistant account recovery, least-privilege access for connected applications, monitoring for brand and executive impersonation, and clear retention and privacy policies. Public posts and platform telemetry can also provide threat intelligence, but collection and use may be constrained by privacy obligations and applicable data-protection rules.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 895

Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure. It spreads through malicious websites masquerading as TikTok and Chrome, one confirmed distribution point being […]

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

A flaw in Meta’s AI-powered Instagram recovery tool exposed over 20,000 accounts, letting attackers reset passwords and take over profiles. Meta’s High Touch Support tool, known as HTS, was designed to help Instagram users recover locked accounts: you provide an email address, you get a password reset link. The flaw was equally simple: the tool […]

Bank Info Security 1 month, 2 weeks ago

China Using LinkedIn to Recruit Government Insiders

Five Eyes Agencies Document 5-Step Chinese Job Platform Spy SchemeThe Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists.

Bank Info Security 1 month, 2 weeks ago

Musk's X Asks US FTC to Nullify Data Security Order

Social Media Platform Files Petition With Agency Over May 2022 Consent OrderElon Musk's social media company wants a do-over with the U.S. Federal Trade Commission in a petition arguing the agency should terminate data security oversight 16 years early. The FTC began Tuesday a public comment period for X's request to set aside or fully modify a May 2022 consent order.

Loading more headlines...