"It is also possible for an attacker to take control over the profile pictures the user sees, swapping them for inappropriate content," researchers said.
"With a maximum child tax credit of $1,000 per child, that is a potentially significant return on investment," researchers said.
The security researcher said Uber marked his bug report as "informative", which means it contains "useful information but did warrant an immediate action or fix".
Hackers frequently look to target and exploit curious users by tapping into trending issues, events in the news or widely publicised ones in their attacks.
Intel has disclosed that the patches were causing devices to reboot unexpectedly among other "unpredictable" behavior.
Clarke is the latest in a slew of US conservative political figures and reporters targeted by the Turkish hacking group.
Malicious websites used to generate password details for the fintech network "IOTA" are reportedly to blame for the theft of nearly $4 million from users' cryptocurrency wallets.
"Since both the Chrome and Firefox extensions mostly add themselves through forced installs, it's not always possible to avoid getting them," researchers said.
Over the past few years, DDoS attacks have become more sophisticated, common and cheaper to carry out as a popular tool in cybercriminals' arsenal.
The disclosure comes several days after users who purchased products on OnePlus' website reported credit card fraud earlier this month.
A 21-year-old computer hacker from the UK who made more than $700,000 by selling malware on the dark web has been jailed after being found guilty of multiple cybercrime charges.
Security researchers suspect that the Necurs botnet may be giving the new Dridex campaign a boost – something the botnet has done before.
The data breach is suspected to be the work of an "advanced and professional" hacker or hacker group, and could impact nearly half of Norway's population.
The Lebanon-linked hacker group has successfully targeted mobile devices of military personnel, medical professionals, journalists, lawyers, activists and more.
Hackers are using new Microsoft Office bugs to spread Zyklon in a new spam campaign targeting the telecommunications, insurance and financial services industries.
For several months, a primary router of the Muscat Securities Market has both its username and password as "admin".
More than 50 Android apps on Google's Play Store found to be housing malicious code hackers could use to steal Facebook passwords.
High-risk vulnerabilities found in SinVR app leaked personally identifiable information of customers for around five days.
Swisscoin is an obscure cryptocurrency and its trading was briefly suspended after it was reported to be a ponzi scheme.
The Satori variant comes less than a month after hackers posted the working code for a Huawei router exploit, which was used by the original Satori botnet, for free.
The attack comes just days after the group hacked the accounts of India's top diplomat to the United Nations and World Economic Forum president.
The hacker claimed that the sale of the malware's source code made him "very rich", which experts suspect may be true.
A fresh bug affecting iOS and Apple Macs can let pranksters crash your Apple devices via a simple text message, a security expert has revealed.
Researchers spotted the extensions while investigating a recent suspicious spike in outbound network traffic from a customer's work station.
ARC-embedded processors are found in a wide range of internet-connected devices including cars, mobiles, TVs and cameras.
The photo is making waves on social media and has already drawn criticism, outrage and ridicule online.
North Korean hackers have increasingly targeted cryptocurrency firms and users to generate funds for a country squeezed by sanctions and trade restrictions.
The malware is believed to have been created by a nation-state and has reportedly been publicly available online for nearly a month.
A US hospital has paid hackers $55,000 (£39,900) to restore control of its computer systems after they were infected with a strain of ransomware known as "SamSam".
UK's spy nerve centre hopes old cypher will pique interest of young girls who have code-breaking knack and inspire them to join the service as adults.