Pixel 10 Pro Fold Becomes First Foldable with Full IP68 Protection
https://www.gizchina.com/2025/07/16/pixel-10-pro-fold-becomes-first-foldable-with-full-ip68-protection/

🛑 Google’s AI just stopped a cyberattack before it even began.

An LLM agent named Big Sleep discovered a critical SQLite flaw (CVE-2025-6965) that threat actors were likely about to exploit—making it the first known case of an AI foiling a live exploit attempt.

Details on how it worked → https://thehackernews.com/2025/07/google-ai-big-sleep-stops-exploitation.html

⚠️ WARNING - Google Chrome Zero-Day Alert!

A new exploit is hitting users right now — CVE-2025-6558 lets attackers break out of the browser sandbox.

Update Chrome ASAP → https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html

(Edge, Brave, Opera users: you're not safe either.)

🚨 Two Android threats just collided — and it’s getting wild.

Hackers are using evil twin apps with the same package name as legit Play Store apps to deliver Konfety malware — now upgraded with fake encryption, APK crashes, dynamic payloads, and hidden installs.

At the same time, TapTrap lets apps hijack your screen taps to grant malware dangerous permissions — no user awareness needed.

This isn’t theoretical. Android 16 is still vulnerable.

Details here → https://thehackernews.com/2025/07/new-konfety-malware-variant-evades.html

🚨 M&A chaos isn't just financial—it’s identity chaos too.

Mergers can spawn 25+ siloed systems, untracked privileged accounts, and dangerous role creep. One wrong move? Audit failures or full-blown breaches.

Here’s how to restore order before risk takes over ↓ https://thehackernews.com/expert-insights/2025/07/identity-challenges-in-mergers-and.html

⚡ Deepfake CEOs. Fake job offers. Cloned websites.

AI-powered scams are fooling even trained teams—because they look real. These aren’t phishing emails. They’re full-scale impersonation attacks.

See how to stop them in real time.

Watch the webinar → https://thehackernews.com/2025/07/deepfakes-fake-recruiters-cloned-cfos.html

🚨 One flaw. Total takeover.

A critical bug in Windows Server 2025 lets attackers generate any dMSA/gMSA password—across the forest.

It bypasses Credential Guard and can persist for years.

Details here → https://thehackernews.com/2025/07/critical-golden-dmsa-attack-in-windows.html

🚨 Your AI agent isn’t just helping—it has full access to code, payroll, email, and more.

If one device gets hacked, it can leak everything—fast.

The real risk? It’s not the AI. It’s who (or what) can talk to it.

Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html

ISPs are high-value DDoS targets—and need tailored defenses.

We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.

While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.

Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos

🚨 Hackers are exploiting fully patched SonicWall SMA 100 firewalls using stolen OTP seeds and a stealth backdoor.

Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.

Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html

Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying | Electronic Frontier Foundation
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying

Introduction - Rayhunter - An IMSI Catcher Catcher
https://efforg.github.io/rayhunter/

Privacy and security are not just use of programs. It's also habits and practices. If you don't want to share it with the internet it might be best to be kept offline.

https://www.makeuseof.com/screenshots-you-shouldnt-save-on-smartphone/

OpenAI Vulnerability: 48 Days, No Response
Article, Comments

Where's Firefox going next?
Article, Comments

Lead GrapheneOS developer was forcibly conscripted into a war
Article, Comments

Shipping WebGPU on Windows in Firefox 141
Article, Comments

Ukrainian hackers destroyed the IT infrastructure of Russian drone manufacturer
Article, Comments

Telegram User Identification via Facial Recognition

Users on Telegram’s test server have discovered an officially verified bot that scans faces using the camera — likely for identity verification purposes.

This bot’s development is presumably linked to a law that will soon take effect in the United Kingdom. The law requires websites and apps distributing adult content to verify the age of users seeking access to such material.

The @tginfo editorial team firmly believes that no identity verification requirements will be introduced for users outside the UK in the near future.

#UnitedKingdom

Keyboard Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
https://www.mobile-hacker.com/2025/07/17/remote-input-injection-vulnerability-in-air-keyboard-ios-app-still-unpatched/