"Choosing a Xiaomi phone? Consider the Taiwan ROM for:- Faster updates & stable security patches- Native dialer for silent call recording- Leaner software build with fewer bloatware- Full NFC payment compatibilityExperience HyperOS like never before!"

🔗 Check More

From Bank Scans to Metro Detentions: Russia’s Digital ID Reality

I recently talked with Jack Spirko on The Survival Podcast and I shared what I’d learned about Russia: how a simple bank facial scan turned into a nationwide surveillance tool.

It started with banks doing their own thing, but now the government’s tied it all together. If you’re in Moscow, the metro can scan your face, match it to your legal identity, and detain you if you’re dodging the draft. It’s a real-life example of where digital ID and biometric control can go.

🔗 Read or download the full Digital ID Report

👉 Watch the full conversation here
📲 Learn more about Above Phone

—
🫶 @takebackourtech
📩 WEBSITE & NEWSLETTER | 🎥 VIDEOS| XMPP | SUBSTACK

🪲Google is finally fixing the most annoying thing about wireless ADB

Tired of frequent disconnections when using wireless debugging? The latest Android Canary release may have the solution.

More details👇

🔗https://www.androidauthority.com/android-wireless-adb-auto-reconnect-3624945/

🩺Android could soon track your medical symptoms in Health Connect

Big updates are coming to Health Connect, Android's health and fitness data aggregator.

Here’s what to expect👇

🔗https://www.androidauthority.com/android-health-connect-medical-symptoms-rumor-3625006/

🚨 CISA just confirmed active exploitation of a new GeoServer flaw (CVE-2025-58360).

It’s unauthenticated — the /geoserver/wms endpoint can be abused to access files or hit internal systems if not patched.

🔗 Read: https://thehackernews.com/2025/12/cisa-flags-actively-exploited-geoserver.html

🤖 AI is reshaping identity security.

It spots unusual behavior, adjusts access in real time, and keeps every identity in check.

Smart IAM isn’t about more tools — it’s about one connected system: the identity fabric.

🔗 Learn how it works: https://thehackernews.com/expert-insights/2025/12/ai-in-iam-is-it-truly-valuable.html

🚨 Over 137,000 servers are wide open.

Hackers are using the React2Shell bug (CVE-2025-55182) to take over web servers — no password needed.

Even U.S. government sites are being hit, and the attacks are spreading fast through Next.js apps online.

If your team hasn’t patched yet, you’re already late.

🔗 Read: https://thehackernews.com/2025/12/react2shell-exploitation-escalates-into.html

[New] React just found more bugs hiding in its last big patch.

🧩 CVE-2025-55184 & CVE-2025-67779 — can crash servers with one request.
🧩 CVE-2025-55183 — can leak source code from React Server Components.

👀 All discovered while testing the earlier CVE-2025-55182 fix.

Update to versions 19.0.3, 19.1.4, or 19.2.3 now.

🔗 Read: https://thehackernews.com/2025/12/new-react-rsc-vulnerabilities-enable.html

⚠️ Your browser is now the biggest GenAI risk.

Every day, workers paste code, emails, and files into AI tools—right inside the browser. That data can leak, get stored, or even shared outside your company.

The fix isn’t banning AI. It’s securing how it’s used—in the browser session itself.

🔗 Read: https://thehackernews.com/2025/12/securing-genai-in-browser-policy.html

🚨 Hackers are attacking CentreStack and Triofox right now using a built-in key that never changes.

It lets them break in, read the web-config file, and run code on the server.

At least 9 companies have already been hit.

🔗 Read: https://thehackernews.com/2025/12/new-advanced-phishing-kits-use-ai-and.html