Forwarded from The Hacker News
🔥 ALERT ➟ Microsoft issues urgent security patches for critical SharePoint RCE flaw (CVE-2025-53770), now under active exploitation worldwide.
Hackers are bypassing MFA, stealing keys, and targeting banks, government agencies, hospitals & more.
Details → https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html
If your SharePoint is on-prem and internet-facing—assume compromise. Patching alone won’t evict the threat.
🛡️ Urgent steps: Patch, rotate machine keys, restart IIS.
Hackers are bypassing MFA, stealing keys, and targeting banks, government agencies, hospitals & more.
Details → https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html
If your SharePoint is on-prem and internet-facing—assume compromise. Patching alone won’t evict the threat.
🛡️ Urgent steps: Patch, rotate machine keys, restart IIS.
Forwarded from The Hacker News
🚨 HPE Wi-Fi gear shipped with hardcoded admin logins.
CVE-2025-37103 scores 9.8/10—no password needed to hijack your network.
It can be chained with a second bug for full system takeover.
Full details → https://thehackernews.com/2025/07/hard-coded-credentials-found-in-hpe.html
CVE-2025-37103 scores 9.8/10—no password needed to hijack your network.
It can be chained with a second bug for full system takeover.
Full details → https://thehackernews.com/2025/07/hard-coded-credentials-found-in-hpe.html
Forwarded from The Hacker News
🚨 Over 3,500 websites hijacked to secretly mine crypto — just by visiting them.
The stealthy JavaScript miner hides in plain sight, adjusts intensity based on your device, and runs silently in the background.
It's linked to credit card theft too.
Read ↓ https://thehackernews.com/2025/07/3500-websites-hijacked-to-secretly-mine.html
The stealthy JavaScript miner hides in plain sight, adjusts intensity based on your device, and runs silently in the background.
It's linked to credit card theft too.
Read ↓ https://thehackernews.com/2025/07/3500-websites-hijacked-to-secretly-mine.html
Forwarded from The Hacker News
🚨 Hackers are bypassing FIDO keys—without breaking them.
A new phishing trick fools users into scanning legit QR codes, handing attackers full access.
The worst part? It abuses a real cross-device sign-in feature.
How PoisonSeed pulls it off ↓ https://thehackernews.com/2025/07/poisonseed-hackers-bypass-fido-keys.html
A new phishing trick fools users into scanning legit QR codes, handing attackers full access.
The worst part? It abuses a real cross-device sign-in feature.
How PoisonSeed pulls it off ↓ https://thehackernews.com/2025/07/poisonseed-hackers-bypass-fido-keys.html
Forwarded from The Hacker News
🚨 Over 80% of orgs are adopting Zero Trust by 2026—but AI is rewriting the playbook.
Predictive models block threats. Generative AI speeds triage. Agentic AI enforces policies autonomously.
The catch? Human oversight still makes or breaks security.
Learn more ↓ https://thehackernews.com/2025/07/assessing-role-of-ai-in-zero-trust.html
Predictive models block threats. Generative AI speeds triage. Agentic AI enforces policies autonomously.
The catch? Human oversight still makes or breaks security.
Learn more ↓ https://thehackernews.com/2025/07/assessing-role-of-ai-in-zero-trust.html
Forwarded from The Hacker News
⚠️ Zero-days are hitting faster than teams can patch.
→ SharePoint & Chrome under active attack
→ Hackers exploit NVIDIA, SQLite, CrushFTP
→ $2.17B stolen in crypto so far this year
→ AI just stopped a real-world exploit before humans did
This week proves: No system is safe.
Full recap → https://thehackernews.com/2025/07/weekly-recap-sharepoint-0-day-chrome.html
→ SharePoint & Chrome under active attack
→ Hackers exploit NVIDIA, SQLite, CrushFTP
→ $2.17B stolen in crypto so far this year
→ AI just stopped a real-world exploit before humans did
This week proves: No system is safe.
Full recap → https://thehackernews.com/2025/07/weekly-recap-sharepoint-0-day-chrome.html
Forwarded from GSMArena (IFTTT)
The vanilla Huawei Pura 80 pre-sales are starting on Wednesday, chipset leaks too
https://ift.tt/AoeyuG1
https://ift.tt/AoeyuG1
GSMArena.com
The vanilla Huawei Pura 80 pre-sales are starting on Wednesday, chipset leaks too
The vanilla model arrives over a month after the rest of the Pura 80 family launched in China. The vanilla Huawei Pura 80 is late to the party – the rest...
Forwarded from GSMArena (IFTTT)
Leak: the Google Pixel Watch 4 will have a brighter display, may have a new chipset after all
https://ift.tt/sMnXiQd
https://ift.tt/sMnXiQd
GSMArena.com
Leak: the Google Pixel Watch 4 will have a brighter display, may have a new chipset after all
Previously, it was reported that the Watch 4 will use the same Snapdragon W5 Gen 1 that Google used for the Watch 2 and Watch 3.
Forwarded from Gizchina.com
KOSPET MAGIC P10 & R10: Two Great Smartwatches For 2025
https://www.gizchina.com/2025/07/21/kospet-magic-p10-r10-best-budget-smartwatch-2025/
https://www.gizchina.com/2025/07/21/kospet-magic-p10-r10-best-budget-smartwatch-2025/
Forwarded from Gizchina.com
Vivo Y50 5G unveiled: huge battery, 90Hz screen, and great value
https://www.gizchina.com/2025/07/21/vivo-y50-5g-unveiled-huge-battery-90hz-screen-and-great-value/
https://www.gizchina.com/2025/07/21/vivo-y50-5g-unveiled-huge-battery-90hz-screen-and-great-value/
Forwarded from Gizchina.com
OPPO K13 Turbo Pro Launches with Snapdragon 8s Gen 4
https://www.gizchina.com/2025/07/21/oppo-k13-turbo-pro-launches-with-snapdragon-8s-gen-4/
https://www.gizchina.com/2025/07/21/oppo-k13-turbo-pro-launches-with-snapdragon-8s-gen-4/
Forwarded from #TBOT: Take Back Our Tech
#TBOT Show 7: The Significance of Dorsey’s Bitchat, Worlds First eSIM Hack, Mexico’s Digital ID, New Show Source Insights
Took a week off and now I’m back. 😎 (with a new addition to the show?!) (also - big sorry for the show being 40 minutes)
WATCH THE SHOW ON SUBSTACK
Here’s the stories for the week:
Jack Dorsey’s Bitchat - The Real Story: The tech mogul Jack Dorsey released a censorship proof messaging app in late June - named Bitchat. It runs a bluetooth mesh network, end to end encryption, and rolling IDs and is picking up traction. I share my thoughts on the app, and concerns I have - but that’s not even the real story. I think Jack has a bigger message than just the app.
World’s First eSIM Hack: A security lab out of Poland just demonstrated a hack on one of the largest SIM providers for IoT devices. We’ll get techy in our understanding and ask the question, could this impact our phones?
Digital ID, Coming Soon To Mexico: The Mexican government has signed a new Biometric ID law, known as the CURP. How is this enforced and what does it mean for Mexican residents? Find out today.
Decentralized Video Conferencing: Recently I’ve been relying more on video conferences instead of calling people, especially while traveling. Good thing I’ve got the Jitsi app, I’ll show you my setup!
New Show, “Source Insights”: You follow #TBOT to stay informed on tech freedom. Now go deeper with a new weekly show “Source Insights”, where Hakeem shares his tools, lifestyle and productivity tips, entrepreneurial advice, wisdom from guides, and personal experiences.
Go deeper, join me as a Source Seeker. Unlock access with a paid subscription.
UNLOCK ACCESS
🪄 We aim for our show to be well-researched, well-informed and focused on the most impactful stories
⭐️ PLUS - Each story comes with recommendations and there’s one cool tech trick or open-source solution every week.
We’ll be publishing full posts and clips of each of these stories soon.
Share this post with your crew. 🚢
👩💻Get private phones, laptops, and tablets
📲SIM Swap Survival Guide Webinar
Took a week off and now I’m back. 😎 (with a new addition to the show?!) (also - big sorry for the show being 40 minutes)
WATCH THE SHOW ON SUBSTACK
Here’s the stories for the week:
Jack Dorsey’s Bitchat - The Real Story: The tech mogul Jack Dorsey released a censorship proof messaging app in late June - named Bitchat. It runs a bluetooth mesh network, end to end encryption, and rolling IDs and is picking up traction. I share my thoughts on the app, and concerns I have - but that’s not even the real story. I think Jack has a bigger message than just the app.
World’s First eSIM Hack: A security lab out of Poland just demonstrated a hack on one of the largest SIM providers for IoT devices. We’ll get techy in our understanding and ask the question, could this impact our phones?
Digital ID, Coming Soon To Mexico: The Mexican government has signed a new Biometric ID law, known as the CURP. How is this enforced and what does it mean for Mexican residents? Find out today.
Decentralized Video Conferencing: Recently I’ve been relying more on video conferences instead of calling people, especially while traveling. Good thing I’ve got the Jitsi app, I’ll show you my setup!
New Show, “Source Insights”: You follow #TBOT to stay informed on tech freedom. Now go deeper with a new weekly show “Source Insights”, where Hakeem shares his tools, lifestyle and productivity tips, entrepreneurial advice, wisdom from guides, and personal experiences.
Go deeper, join me as a Source Seeker. Unlock access with a paid subscription.
UNLOCK ACCESS
🪄 We aim for our show to be well-researched, well-informed and focused on the most impactful stories
⭐️ PLUS - Each story comes with recommendations and there’s one cool tech trick or open-source solution every week.
We’ll be publishing full posts and clips of each of these stories soon.
Share this post with your crew. 🚢
👩💻Get private phones, laptops, and tablets
📲SIM Swap Survival Guide Webinar
Substack
#TBOT Show 7: The Significance of Dorsey’s Bitchat, Worlds First eSIM Hack, Mexico’s Digital ID, New Show Source Insights
Took a week off and now I’m back. 😎 (with a new addition to the show?!) (also, big sorry for the show being 40 minutes)
Forwarded from Android Security & Malware
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unmasking-malicious-apks-android-malware-blending-click-fraud-and-credential-theft/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unmasking-malicious-apks-android-malware-blending-click-fraud-and-credential-theft/
Levelblue
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns.
Forwarded from The Hacker News
⚠️ Zero-days are hitting faster than teams can patch.
→ SharePoint & Chrome under active attack
→ Hackers exploit NVIDIA, SQLite, CrushFTP
→ $2.17B stolen in crypto so far this year
→ AI just stopped a real-world exploit before humans did
This week proves: No system is safe.
Full recap → https://thehackernews.com/2025/07/weekly-recap-sharepoint-0-day-chrome.html
→ SharePoint & Chrome under active attack
→ Hackers exploit NVIDIA, SQLite, CrushFTP
→ $2.17B stolen in crypto so far this year
→ AI just stopped a real-world exploit before humans did
This week proves: No system is safe.
Full recap → https://thehackernews.com/2025/07/weekly-recap-sharepoint-0-day-chrome.html