High profile TikTok accounts, including CNN, Sony, and—er—Paris Hilton have been targeted in a recent attack.
CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens without the account owner needing to click on or open anything—known as a zero-click attack. All they need to do is open a DM. The account is then taken over and the user loses access.
Read more…
Source: Malwarebytes Labs
Related:
- France: Ten people found guilty of cyberbullying Brigitte Macron
January 5, 2026
A Paris court has found ten people guilty of cyberbullying France’s first lady Brigitte Macron. All defendants were handed a variety of sentences, ranging from cyberbullying awareness training to eight-month suspended prison terms. The French court pointed to “particularly degrading, insulting, and malicious” comments referring to false claims regarding alleged trans identity and alleged criminality targeting ...
- Hackers hijacking WhatsApp accounts without any need to crack the authentication
December 21, 2025
Security researchers are warning WhatsApp users about a growing account hijacking technique that does not rely on breaking passwords or bypassing encryption. Attackers exploit WhatsApp’s legitimate device-linking feature to quietly attach their own browser to a victim’s account. Once linked, the attacker can read messages in real time, download shared media, and send messages that appear ...
- Australia: Age verification errors see some under-16s retain access to banned social media platforms
December 11, 2025
It’s day one of the social media ban and, unsurprisingly, it hasn’t been a smooth launch. Many children have already been able to get around the ban in various ways, with age assurance systems misclassifying users and workarounds such as VPNs and make-up tricks being used. The government admitted the ban would not be perfect or ...
- Goodbye, dark Telegram: Blocks are pushing the underground out
December 9, 2025
Telegram has won over users worldwide, and cybercriminals are no exception. While the average user chooses a messaging app based on convenience, user experience and stability (and perhaps, cool stickers), cybercriminals evaluate platforms through a different lens. When it comes to anonymity, privacy and application independence – essential criteria for a shadow messaging app – ...
- How phishers hide banking scams behind free Cloudflare Pages
December 8, 2025
During a recent investigation, we uncovered a phishing operation that combines free hosting on developer platforms with compromised legitimate websites to build convincing banking and insurance login portals. These fake pages don’t just grab a username and password–they also ask for answers to secret questions and other “backup” data that attackers can use to bypass multi-factor ...
- X gets $140 million EU fine for breaching content rules but TikTok settles
December 5, 2025
Elon Musk’s social media company X was fined 120 million euros ($140 million) by EU tech regulators on Friday for breaching online content rules, the first sanction under landmark legislation that once again drew criticism from the U.S. government. While X did not respond to an emailed request for comment, Musk replied “Bullshit” under a European ...