#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

GPS Tracker | Breaking Cybersecurity News | The Hacker News

Category — GPS Tracker
Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

Jul 20, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a handful of unpatched security vulnerabilities in  MiCODUS MV720  Global Positioning System (GPS) trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. "Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of the global positioning system tracker," CISA  said . "These vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed." Available on sale for $20 and manufactured by the China-based MiCODUS, the company's tracking devices are employed by major organizations in 169 countries spanning aerospace, energy, engineering, government, manufacturing, nuclear power plant, and shipping sectors. The top countries with the most users include Chile, Australia, Mexico, Ukraine, Russi...
Flaws in Over Half a Million GPS Trackers Expose Children Location Data

Flaws in Over Half a Million GPS Trackers Expose Children Location Data

Sep 06, 2019
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that may have exposed user's real-time locations, security researchers have claimed. Cybersecurity researchers from Avast discovered that 29 models of GPS trackers made by Chinese technology company Shenzhen i365 for keeping tabs on young children, elderly relatives, and pets contain a number of security vulnerabilities. Moreover, all over half a million tracking devices were shipped with the same default password of "123456," leaving an opportunity for attackers to easily access tracking information for those who never changed the default password. Vulnerabilities in GPS Tracking Devices The reported GPS tracking device vulnerabili...
Hundreds of GPS Location Tracking Services Leaving User Data Open to Hackers

Hundreds of GPS Location Tracking Services Leaving User Data Open to Hackers

Jan 04, 2018
Security researchers have unearthed multiple vulnerabilities in hundreds of GPS services that could enable attackers to expose a whole host of sensitive data on millions of online location tracking devices managed by vulnerable GPS services. The series of vulnerabilities discovered by two security researchers, Vangelis Stykas and Michael Gruhn, who dubbed the bugs as ' Trackmageddon ' in a report , detailing the key security issues they have encountered in many GPS tracking services. Trackmageddon affects several GPS services that harvest geolocation data of users from a range of smart GPS-enabled devices, including children trackers, car trackers, pet trackers among others, in an effort to enable their owners to keep track of where they are. According to the researchers, the vulnerabilities include easy-to-guess passwords (such as 123456), exposed folders, insecure API endpoints, and insecure direct object reference (IDOR) issues. By exploiting these flaws, an unaut...
cyber security

Free Tool: Help Desk Verification Codes

websitePush SecurityThreat Detection / Identity Security
Get secure, rotating codes in employee browsers to verify their identity and stop Scattered Spider breaches.
BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

Jul 08, 2025Financial Scams / Online Security
A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks to push traffic to these sites. Ads often carry clickbait headlines—"You won't believe what a prominent public figure just revealed"—paired with official photos or national flags to make them feel legit. Clicking the ad directs users to a fake article, which then redirects them to a fraudulent trading platform. Many of these scams follow a...
Google Collects Android Location Data Even When Location Service Is Disabled

Google Collects Android Location Data Even When Location Service Is Disabled

Nov 21, 2017
Do you own an Android smartphone? If yes, then you are one of those billions of users whose smartphone is secretly gathering location data and sending it back to Google. Google has been caught collecting location data on every Android device owner since the beginning of this year (that's for the past 11 months)—even when location services are entirely disabled, according to an investigation conducted by Quartz. This location-sharing practice doesn't want your Android smartphone to use any app, or turn on location services, or even have a SIM card inserted. All it wants is to have your Android device to be connected to the Internet. The investigation revealed that Android smartphones have been collecting the addresses of nearby cellular towers, and this data could be used for " Cell Tower Triangulation "—a technique widely used to identify the location of a phone/device using data from three or more nearby cell towers. Each time your Android device come...
Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Oct 23, 2015
Do you need a FitBit Tracker while jogging or running or even sleeping? Bad News! FitBit can be hacked that could allow hackers to infect any PC connected to it. What's more surprising? Hacking FitBit doesn't take more than just 10 Seconds . Axelle Aprville , a researcher at the security company Fortinet, demonstrated "How to hack a Fitbit in only 10 seconds," at the Hack.Lu conference in Luxembourg. Aprville's test was a proof of concept (POC) that did not actually focus on executing malicious payload, rather a logical attack. By using only Bluetooth, Aprville was able to modify data on steps and distance. However, she said it is possible to infect the device in an attempt to spread malware to synced devices. Fitbit Flex tracker is a flexible wristband that measures health statistics, such as blood pressure and heart rate. The Flex is a product of Fitbit, and its salient features are: It can wake you up with a silent vibrati...
Tinder Online Dating app vulnerability revealed Exact Location of Users

Tinder Online Dating app vulnerability revealed Exact Location of Users

Feb 20, 2014
Using Popular Online Dating app - Tinder on iPhone ?? Then you are at significant risk that exposed members' private information without their knowledge. Online Dating app Tinder, available for the iPhone from the app store , has become incredibly popular in the past few months. Tinder app allows you to find dates nearby your location within a few miles and connects you with them, but a vulnerability allowed the attacker to potentially pinpoint your exact location to within 100 feet. Security Researchers at Include Security discovered that Tinder GPS vulnerability making members vulnerable to hackers. The Security flaw was discovered by the company last October, that enabled any member with some programming skills to access the app's API (Application Programming Interface) to get the exact latitude and longitude for another member. " Due to Tinder's architecture, it is not possible for one Tinder user to know if another took advantage of this ...
Expert Insights Articles Videos
Cybersecurity Resources