Forwarded from Gizchina.com
Chuwi AuBox 8745 review: a true powerhouse for any type of user
https://www.gizchina.com/2025/05/05/chuwi-aubox-8745-review-a-true-powerhouse-for-any-type-of-user/
https://www.gizchina.com/2025/05/05/chuwi-aubox-8745-review-a-true-powerhouse-for-any-type-of-user/
Forwarded from The Hacker News
🚨 Zero-click. Wormable. Network-spreading.
New flaws in Apple’s AirPlay protocol (🔓 AirBorne) could let hackers hijack your device without a click—then ride your Wi-Fi into corporate networks.
CVE-2025-24252 + CVE-2025-24132 = silent RCE across Macs, TVs, speakers. Just being on the same Wi-Fi can be enough.
🔗 Learn more: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html
📲 Update all AirPlay-enabled devices now—personal & work.
New flaws in Apple’s AirPlay protocol (🔓 AirBorne) could let hackers hijack your device without a click—then ride your Wi-Fi into corporate networks.
CVE-2025-24252 + CVE-2025-24132 = silent RCE across Macs, TVs, speakers. Just being on the same Wi-Fi can be enough.
🔗 Learn more: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html
📲 Update all AirPlay-enabled devices now—personal & work.
Forwarded from Hacker News
den.dev
The Beauty Of Having A Pi-hole
So, check this little idea that I have - I want to browse the internet without all sorts of unscrupulous actors collecting every little bit of metadata on me and my family they can possibly get their hands on. Radical, I know. Who would’ve thought that I…
Forwarded from Hacker News
Forwarded from The Hacker News
🔥 New Edition Just Dropped!
Cybersecurity Weekly Recap | May 5 —— From nation-state hacks to deepfake-ready malware, this week’s intel is packed:
• Iranian APT lurked 2 yrs in critical infra
• Claude chatbot abused for political ops
• TikTok hit with $601M fine over China data
• 30+ new CVEs to patch now
• Magento supply chain backdoor activated after 6 yrs
Read the full recap → https://thehackernews.com/2025/05/weekly-recap-nation-state-hacks-spyware.html
Cybersecurity Weekly Recap | May 5 —— From nation-state hacks to deepfake-ready malware, this week’s intel is packed:
• Iranian APT lurked 2 yrs in critical infra
• Claude chatbot abused for political ops
• TikTok hit with $601M fine over China data
• 30+ new CVEs to patch now
• Magento supply chain backdoor activated after 6 yrs
Read the full recap → https://thehackernews.com/2025/05/weekly-recap-nation-state-hacks-spyware.html
Forwarded from Hacker News
Openai
Evolving OpenAI’s structure
An update from the OpenAI board on transitioning its for-profit entity to a Public Benefit Corporation, reinforcing its mission-driven structure under nonprofit oversight while enabling greater impact and long-term alignment with the public good.
Forwarded from It's FOSS
An important open source initiative needs your help!
https://news.itsfoss.com/osu-open-source-lab-closure/
https://news.itsfoss.com/osu-open-source-lab-closure/
It's FOSS News
A Critical Moment for OSU's Open Source Lab As It Faces Closure
The Oregon State University Open Source Lab urgently needs funding to continue functioning.
Forwarded from The Hacker News
🛑 Critical Langflow Flaw Actively Exploited!
CISA has added CVE-2025-3248 to its Known Exploited Vulnerabilities list.
• CVSS: 9.8
• Affects most Langflow versions
• Allows remote code execution without login
• PoC exploit published April 9
• 466 servers exposed worldwide
➡️ Full story: https://thehackernews.com/2025/05/critical-langflow-flaw-added-to-cisa.html
CISA has added CVE-2025-3248 to its Known Exploited Vulnerabilities list.
• CVSS: 9.8
• Affects most Langflow versions
• Allows remote code execution without login
• PoC exploit published April 9
• 466 servers exposed worldwide
➡️ Full story: https://thehackernews.com/2025/05/critical-langflow-flaw-added-to-cisa.html
Forwarded from The Hacker News
🚨 Exploited in the wild. No user click needed.
Google patches 46 Android flaws, including CVE-2025-27363—a critical System bug tied to the FreeType font engine.
Discovered by Meta in March, it's now confirmed active.
🔗 Learn more: https://thehackernews.com/2025/05/google-fixes-actively-exploited-android.html
Google patches 46 Android flaws, including CVE-2025-27363—a critical System bug tied to the FreeType font engine.
Discovered by Meta in March, it's now confirmed active.
🔗 Learn more: https://thehackernews.com/2025/05/google-fixes-actively-exploited-android.html
Forwarded from The Hacker News
🔥 AI agents are the new insider threat—fast, autonomous, and already slipping past security.
Meanwhile, users just want to work—on personal devices, with unsanctioned apps, and now AI tools.
The Access-Trust Gap is real—and growing.
✅ It’s time to move from blocking to governing access, for humans and machines.
👉 Read more from Dave Lewis, Global Advisory CISO at 1Password: https://thehackernews.com/expert-insights/2025/05/ai-access-trust-gap-droids-were-looking.html
Meanwhile, users just want to work—on personal devices, with unsanctioned apps, and now AI tools.
The Access-Trust Gap is real—and growing.
✅ It’s time to move from blocking to governing access, for humans and machines.
👉 Read more from Dave Lewis, Global Advisory CISO at 1Password: https://thehackernews.com/expert-insights/2025/05/ai-access-trust-gap-droids-were-looking.html
Forwarded from The Hacker News
This media is not supported in your browser
VIEW IN TELEGRAM
🚨 UPDATE - Darcula’s secret weapon exposed!
NRK & Mnemonic uncover Magic Cat — a phishing toolkit behind 884K+ stolen cards in 7 months.
🔹 13M+ clicked links
🔹 600+ scammers
🔹 Real-time data & PIN capture
🔹 19K+ victims in Norway alone
Dev behind it? A 24-year-old from China.
The company? Claims it’s just “a website builder.”
🔗 Full story: https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html
NRK & Mnemonic uncover Magic Cat — a phishing toolkit behind 884K+ stolen cards in 7 months.
🔹 13M+ clicked links
🔹 600+ scammers
🔹 Real-time data & PIN capture
🔹 19K+ victims in Norway alone
Dev behind it? A 24-year-old from China.
The company? Claims it’s just “a website builder.”
🔗 Full story: https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html