Liberating AirPods With Bluetooth Spoofing | Hackaday

LibrePods is an app for Android and Linux that unlocks AirPods’ hidden features, like noise reduction and ear detection, by spoofing their Bluetooth ID. While it offers advanced functionality, including use as hearing aids, it requires root access on most Android devices and Apple may eventually block this workaround.



Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple has released security updates for multiple operating systems and its Safari browser to address two WebKit flaws that have been exploited in the wild. One of these vulnerabilities, CVE-2025-14174, is the same flaw previously patched in Google Chrome.



France and Germany Grappling With Nation-State Hacks

The French Ministry of Interior is investigating a suspected nation-state cyberattack on its email server, while Germany has attributed a 2024 hacking incident on its air traffic control systems to Russian nation-state hackers. These incidents highlight a broader trend of hybrid tactics, including hacking and disinformation, employed by Russia against European nations.



EU’s top court rules that online marketplaces are responsible for processing of data in ads | The Record from Recorded Future News

The EU’s top court has ruled that online marketplaces are responsible for processing data in ads under the GDPR, requiring them to obtain consent for sensitive data and verify advertisers. This decision significantly impacts data protection compliance across the EU, with some experts predicting challenges for hosting sites and potential implications for free expression and privacy.



Autonomously Finding 7 FFmpeg Vulnerabilities With AI - ZeroPath Blog | ZeroPath

This document details seven vulnerabilities found in FFmpeg, including buffer overflows and invalid frees, stemming from issues like integer truncation, unbounded serialization, off-by-one errors, and incorrect stream indexing. ZeroPath’s AI SAST identified these by analyzing allocation and copy alignment, framing invariants, packet builder capacities, cardinality propagation, and offset arithmetic integrity, often bypassing limitations of traditional fuzzers and static analysis tools.



Poetry can trick AI models like ChatGPT into revealing how to make nuclear weapons, study finds | The Independent

A new study reveals that poetry-based prompts can trick AI models like ChatGPT into bypassing safety features and revealing instructions for creating malware or nuclear weapons. This method, termed adversarial poetry, successfully circumvented controls in major AI models, with poetic prompts leading to a significantly higher rate of unsafe replies compared to prose.



Iran’s ‘MuddyWater’ Levels Up With MuddyViper Backdoor

The Iran-aligned cyberespionage group MuddyWater has evolved its tactics, employing new tools like the MuddyViper backdoor and Fooder loader for more stealthy operations. This shift from historically noisier methods indicates an increased focus on espionage and defense evasion, with potential collaboration observed with another Iran-aligned actor, Lyceum.



Korea arrests suspects selling intimate videos from hacked IP cameras

Korean police have arrested four suspects for hacking over 120,000 IP cameras and selling the stolen intimate videos on an overseas adult website. Investigations are ongoing against the website’s operators and buyers, with authorities collaborating internationally to shut down the platform and prevent further harm to victims.



The search engine deceiver: how TrackMeNot hides your queries in a cloud of noise

Update note: TrackMeNot is no longer actively maintained—the last update was in November 2019. The extension still functions on Firefox and can be manually installed on Chromium browsers, but users should understand that unmaintained browser extensions pose security risks. Without ongoing updates, the extension won’t receive patches for newly discovered vulnerabilities or adapt to changes in browser APIs. If you choose to use TrackMeNot, you’re accepting these trade-offs in exchange for the obfuscation benefits it provides.

Your search history is a window into your soul. It reveals your fears, your ambitions, your health concerns, your political leanings, your midnight curiosities. Every query you type into Google, Bing, Yahoo, or DuckDuckGo gets logged, analyzed, and folded into an ever-expanding profile of who you are.



The ad blocker that fights back: why AdNauseam deserves your attention

When most people think about ad blockers, they picture a simple transaction: install the extension, ads disappear, browsing improves. But what if I told you there is an ad blocker that does more than hide from the surveillance economy — it actively sabotages it?

Meet AdNauseam, and prepare to have your assumptions about online privacy challenged.



Washington Post says it is among victims of cyber breach tied to Oracle software | Reuters

The Washington Post has announced it is a victim of a cyber breach linked to Oracle software, specifically the Oracle E-Business Suite platform. This breach is attributed to the ransomware group CL0P, which has targeted numerous organizations using this Oracle software.



What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)

This article details a pre-authenticated Remote Code Execution vulnerability (CVE-2025-34299) found in Monsta FTP, a web-based FTP client. Despite attempts to patch, the vulnerability persisted in later versions until version 2.11.3 was released on August 26, 2025.



Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace | CSO Online

A Visual Studio Code extension containing ransomware-style behavior and data-stealing capabilities, dubbed Ransomvibe, was successfully published to Microsoft’s marketplace. Despite containing obvious red flags like hardcoded credentials and decryption tools, the extension bypassed review and highlights a failure in Microsoft’s marketplace security.



Cisco fixes critical UCCX flaw allowing Root command execution

Cisco has addressed a critical vulnerability (CVE-2025-20354) in its Unified Contact Center Express (UCCX) software, which could allow remote attackers to execute commands with root privileges. The flaw stems from improper authentication in the Java RMI process, enabling unauthenticated attackers to upload files and run commands on affected systems.



Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

Nine malicious NuGet packages have been discovered, containing logic bombs set to detonate in August 2027 and November 2028, targeting database operations and industrial control systems. The packages, published by user “shanhai666” and collectively downloaded nearly 9,500 times, employ sophisticated techniques to disguise attacks as random failures, making incident response extremely difficult.



Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

A new cryptocurrency scam uses fake 0-day exploit emails to trick users into running malicious JavaScript code, leading them to believe they can achieve massive profits. The attackers manipulate the user’s browser to display inflated payouts and hijack transactions, directing funds to their own crypto wallets.



Federally Qualified Health Center Reports Ransomware Breach

The Central Jersey Medical Center, a federally qualified health center, has reported a ransomware attack that occurred on August 25th, potentially compromising sensitive patient information including names, dates of birth, social security numbers, and health records. The center is working with cybersecurity experts to investigate and enhance its security measures, though it has not disclosed if data was exfiltrated or the number of individuals affected.



China-linked hackers exploited Lanscope flaw

China-linked hackers exploited Lanscope flaw as a zero-day in attacks www.bleepingcomputer.com/news/secu…

China-linked cyber-espionage actors tracked as ‘Bronze Butler’ (Tick) exploited a Motex Lanscope Endpoint Manager vulnerability as a zero-day to deploy an updated version of their Gokcpdoor malware. The discovery of this activity comes from Sophos researchers, who observed the threat actors exploiting the vulnerability in mid-2025 before it was patched to steal confidential information. The flaw exploited in these attacks is CVE-2025-61932, a critical request origin verification flaw impacting Motex Lanscope Endpoint Manager versions 9.



CISA warns ransomware gangs exploit CVE-2024-1086

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. securityaffairs.com/184076/se…

CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity Linux kernel flaw introduced in 2014 and patched in January 2024. CISA didn’t provide details about the ransomware attacks exploiting the flaw or name the groups responsible for targeting it. The vulnerability CVE-2024-1086 is a Linux kernel use-after-free issue that resides in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.



Australia warns of BadCandy infections

Australia warns of BadCandy infections on unpatched Cisco devices www.bleepingcomputer.com/news/secu…

The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. The vulnerability exploited in these attacks is CVE-2023-20198, a max-severity flaw that allows remote unauthenticated threat actors to create a local admin user via the web user interface and take over the devices. Cisco fixed the flaw in October 2023, which was then marked as an actively exploited issue.
