Poco C85 gets official with very familiar specs

https://ift.tt/w1rmlbq

This is when the Infinix GT 30 will launch globally

https://ift.tt/QfLsnSB

Even more details about the iQOO 15 leak, including main camera specs

https://ift.tt/GC0EBo9

Google Pixel 10a will stick to Tensor G4, claims tipster

https://ift.tt/P2O7Jsh

Tecno Spark Slim and Pova Slim introduced with impressively slim bodies

https://ift.tt/AjHzrKG

Oppo Find X9 design leaked, phone listed on Geekbench

https://ift.tt/j1DFrG5

🚨 A fake npm package just hijacked crypto wallets.

“nodejs-smtp” disguised itself as the legit nodemailer library—while secretly injecting code into Atomic & Exodus apps to steal BTC, ETH, USDT, XRP, and SOL.

Full story → https://thehackernews.com/2025/09/malicious-npm-package-nodejs-smtp.html

⚠️ UPDATE: ReliaQuest confirms attackers used CVE-2025-54309 to hijack the “crushadmin” account as a backdoor.

55k+ devices still expose CrushFTP online. Logs showing “failed” attempts ≠ safe.

Details → https://thehackernews.com/2025/07/hackers-exploit-critical-crushftp-flaw.html

🚨 UPDATE: Zscaler confirms it’s the latest victim of the Salesloft Drift breach.

Attackers accessed its Salesforce instance, stealing customer contact details, licensing info, and some support case text.

No misuse seen yet. Access revoked, tokens rotated.
Details → https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html

🔴 Most SIEM alerts are junk. 74% of breaches had warnings — but analysts ignored them, buried under 5,000+ daily false positives.

The price? Burnout, wasted millions, and missed threats.

Why the SOC’s beating heart is now its weakest link → https://thehackernews.com/expert-insights/2025/09/the-high-cost-of-useless-alerts-why.html

🛑 Your antivirus can be turned against you.

Hackers hijacked a Microsoft-signed Windows driver to kill 🪲 security tools—then slip in ValleyRAT spyware.

The trick? One flipped byte ⚡ to dodge blocklists.

Here’s how it works ↓ https://thehackernews.com/2025/09/silver-fox-exploits-microsoft-signed.html

🚨 3 days of nonstop brute-force attacks

Researchers traced a record wave of VPN & RDP break-ins to a Ukrainian network (FDN3) tied to bulletproof hosting gangs.

The setup looks custom-built for ransomware: https://thehackernews.com/2025/09/ukrainian-network-fdn3-launches-massive.html

"Xiaomi unveils its next-gen 6G innovation at the 6G RAN meeting in Bangalore. Key focus: advanced beam management for ultra-high speeds and low latency. Collaborating with industry leaders to shape 6G’s future! 📡"

🔗 Check More

Zfsbackrest: Pgbackrest style encrypted backups for ZFS filesystems
Article, Comments

Bash Prompts Collection
Article, Comments

Apple pulls iPhone torrent app from AltStore PAL in Europe
Article, Comments

FreeDroidWarn

Overview
This library shows an alert dialog with a deprecation warning informing that Google will require developer verification for Android apps outside the Play Store from 2026/2027 which the developer is not going to provide.

Google has announced that, starting in 2026/2027, all apps on certified Android devices
will require the developer to submit personal identity details directly to Google.
Since the developers of this app do not agree to this requirement, this app will no longer
work on certified Android devices after that time.

https://github.com/woheller69/FreeDroidWarn

https://www.androidauthority.com/android-developer-verification-requirements-3590911/

https://developer.android.com/developer-verification

Test version.

Commit Message:

update to 12.0.1 (6166)

See commit details 1b9b962