Privacy Roundup: Week 12 of Year 2025

not

                March 24, 2025

            Privacy Roundup: Week 12 of Year 2025

                Week 12 features news items covering Android apps harvesting Wi-Fi and Bluetooth connection data, Apple Passwords using insecure HTTP, Reddit posts pushing information stealers, and more!

            Hi!
Welcome to the start of another (work) week, but Week 12 of the Privacy Roundup is here. This edition covers news items published between 16 MAR 2025 - 22 MAR 2025, including interesting (if disturbing) stories like:
Researchers finding a large percentage of Android apps leveraging Wi-Fi and Bluetooth connection information to collect user location data.
Threat actors spreading links to Lumma Stealer malware on Reddit posts in cryptocurrency-related subreddits.
Microsoft refusing to address nation-state threat actors abusing malicious shortcut files in Windows.
Apple not using HTTPS by default for its Passwords app for months.
Another case of a game on Steam being malware in disguise.
Read Week 12
Privacy Tip of the Week: You should at least enable MFA on important/sensitive accounts. While MFA is primarily a security feature, its primary privacy benefit is adding another layer of security to prevent unauthorized access to information contained in particular important or sensitive accounts.
Enjoy!

Visit avoidthehack.com

Follow on Mastodon - View on GitHub - See RSS feed

    Read more:

                Privacy Roundup: Week 11 of Year 2025
                Week 11 features Apple patching a zero-day in WebKit, an ICE tool that can monitor 200+ websites, data brokers bragging about having personal information of billions, and more!

                Privacy Roundup: Week 10 of Year 2025
                Week 10 of the Privacy Roundup features Apple appealing UK order, EFF releasing Stingray hunting open source software, a massive malvertising campaign, and more!

Don't miss what's next. Subscribe to Updates From Avoid the Hack!: