Banks Warned About 345-Day Security Gaps
Experts say annual penetration tests leave long windows where newly introduced vulnerabilities go unchecked.
Experts say annual penetration tests leave long windows where newly introduced vulnerabilities go unchecked.
Clorox-style Workplace Disruption Hits Israeli Employees After Iran Conflict
A cybersecurity firm says some staff were displaced and had to be supported through a parallel U.S. hub.
A cybersecurity firm says some staff were displaced and had to be supported through a parallel U.S. hub.
Florida Sues OpenAI and Sam Altman
The lawsuit alleges the company concealed risks and failed to protect users adequately.
The lawsuit alleges the company concealed risks and failed to protect users adequately.
Chinese-Speaking Hackers Deploy ‘Atlas’ Malware in Europe
The malware can steal files, monitor users, and access webcams and microphones.
The malware can steal files, monitor users, and access webcams and microphones.
Researchers Flag New HTTP/2 Bomb Attack Technique
Security experts warn that a few connections can overload servers by forcing them to hold resources open.
Security experts warn that a few connections can overload servers by forcing them to hold resources open.
Messaging App Bale Launches Mass Messaging Service
The platform now supports bulk sending of text, image, and video content without standard SMS limits.
The platform now supports bulk sending of text, image, and video content without standard SMS limits.
Russian Foreign Ministry Uses AI to Produce Media Content
Officials say AI-generated images and videos are clearly labeled for transparency.
Officials say AI-generated images and videos are clearly labeled for transparency.
😁1
Over 900 U.S. Fuel Monitoring Systems Exposed Online
Insecure internet-connected tank systems could be manipulated or disrupted by attackers.
Insecure internet-connected tank systems could be manipulated or disrupted by attackers.
UN Food Program Breach Exposes Data of 600,000 Gaza Households
Sensitive personal and location data leaked following cyberattack on aid distribution systems.
Sensitive personal and location data leaked following cyberattack on aid distribution systems.
NSA Reportedly Collaborates with Anthropic on Cybersecurity AI
Advanced AI models are being explored for vulnerability detection and cyber operations.
Advanced AI models are being explored for vulnerability detection and cyber operations.
IBM Accused of Concealing Past Chinese State-Linked Breaches
Legal complaint alleges repeated intrusions and data exfiltration incidents were not disclosed.
Legal complaint alleges repeated intrusions and data exfiltration incidents were not disclosed.
Chrome Patches Record 429 Security Vulnerabilities
Massive update addresses numerous high-risk flaws in the popular web browser.
Massive update addresses numerous high-risk flaws in the popular web browser.
AI Discovers 21 Long-Hidden FFmpeg Zero-Day Vulnerabilities
Critical flaws in widely used media library remained undetected for up to two decades.
Critical flaws in widely used media library remained undetected for up to two decades.
Miasma Supply Chain Attack Hits 73 Microsoft GitHub Repos
Self-propagating malware spreads through trusted open-source repositories, disrupting projects.
Self-propagating malware spreads through trusted open-source repositories, disrupting projects.
Cisco SD-WAN Vulnerability Exploited with No Patch Available
CVE-2026-20245 lets attackers run root commands via crafted file uploads on exposed systems.
CVE-2026-20245 lets attackers run root commands via crafted file uploads on exposed systems.
“Asin” Android Spyware Targets Journalists in MENA Region
Malicious apps disguised as tools spread via fake sites and steal sensitive data from Android devices.
Malicious apps disguised as tools spread via fake sites and steal sensitive data from Android devices.
Critical WordPress Plugin Flaw Enables Full Site Takeover
Everest Forms Pro bug allows unauthenticated attackers to execute code and create admin accounts.
Everest Forms Pro bug allows unauthenticated attackers to execute code and create admin accounts.
Hackers Abuse Cloud Servers for Covert Email Network
Compromised AWS, Google Cloud, and Azure instances were chained into a rotating spam proxy system.
Compromised AWS, Google Cloud, and Azure instances were chained into a rotating spam proxy system.
Forwarded from 𓂆 Palestine
An Israeli company has backdoored hundreds of millions of households through countless Smart TV apps, and they're quietly turning Samsung and LG TVs into exit nodes for AI web-scraping. Your TV is relaying strangers' web traffic from your home IP, your bandwidth, your address attached to whatever those scraping jobs touch.
Roku, Fire TV and Google TV banned the practice. Samsung and LG didn't. The culprit is Bright Data's proxy SDK, which rides inside Tizen and webOS apps, 200+ on webOS alone. Datacenter IPs get blocked, home IPs don't.
Include Security reverse-engineered the SDK and found its relay protocol has no message signing, authentication, or device attestation. Their words: less secure than typical malware command-and-control.
To make things worse, they found that in iOS the relay tunnel binds straight to the physical network interface, so it routes around any VPN the user is running.
Bright Data's config also ships per-country tiers. Devices in Uzbekistan and Oman are cleared to relay down to 1% battery, with data caps up to 60x the worldwide default.
Before the BaCkDoOrEd replies land: technically you agreed. In practice you were enrolled into a global proxy network you were never given the information to refuse. And these exit nodes drag down your IP's reputation, potentially leaving you with blocks from providers.
Roku, Fire TV and Google TV banned the practice. Samsung and LG didn't. The culprit is Bright Data's proxy SDK, which rides inside Tizen and webOS apps, 200+ on webOS alone. Datacenter IPs get blocked, home IPs don't.
Include Security reverse-engineered the SDK and found its relay protocol has no message signing, authentication, or device attestation. Their words: less secure than typical malware command-and-control.
To make things worse, they found that in iOS the relay tunnel binds straight to the physical network interface, so it routes around any VPN the user is running.
Bright Data's config also ships per-country tiers. Devices in Uzbekistan and Oman are cleared to relay down to 1% battery, with data caps up to 60x the worldwide default.
Before the BaCkDoOrEd replies land: technically you agreed. In practice you were enrolled into a global proxy network you were never given the information to refuse. And these exit nodes drag down your IP's reputation, potentially leaving you with blocks from providers.
❤1