A malicious app can exploit the issue, which could affect up to 30 percent of Android phones.
Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters.
In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.
Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices.
A security flaw in TikTok could have allowed attackers to query query the platform's database – potentially opening up for privacy violations.
The new tools on Chrome and Edge will make it easier for browser users to discover – and change – compromised passwords.
Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.