Security news aggregator

Latest coverage for Social Media

Covers how social media can expose personal data, spread scams, enable account takeover, and provide channels for influence or abuse.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Social media comprises online services where people and organizations publish content, communicate, and form networks. The term covers public posts, private messages, groups, live streams, advertising systems, and the APIs and third-party applications that process platform data.

For security teams, these platforms expose identity, relationship, and behavioral information that can support targeted phishing, impersonation, or social engineering. Compromised accounts may be used to distribute malicious links or fraud, while excessive sharing and poorly controlled integrations can expose personal or corporate data. Relevant controls include strong authentication, phishing-resistant account recovery, least-privilege access for connected applications, monitoring for brand and executive impersonation, and clear retention and privacy policies. Public posts and platform telemetry can also provide threat intelligence, but collection and use may be constrained by privacy obligations and applicable data-protection rules.

Showing 8 most recent headlines Filtered view
Bank Info Security 1 month, 2 weeks ago

China Using LinkedIn to Recruit Government Insiders

Five Eyes Agencies Document 5-Step Chinese Job Platform Spy SchemeThe Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists.

Bank Info Security 1 month, 2 weeks ago

Musk's X Asks US FTC to Nullify Data Security Order

Social Media Platform Files Petition With Agency Over May 2022 Consent OrderElon Musk's social media company wants a do-over with the U.S. Federal Trade Commission in a petition arguing the agency should terminate data security oversight 16 years early. The FTC began Tuesday a public comment period for X's request to set aside or fully modify a May 2022 consent order.

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory

Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other […]

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.