Nothing promotes the upcoming flagship Nothing Phone 3 while hinting at its 800 EUR pricing and themselves uses an iPhone in reality

Lumolight

Lumolight is an open-source flashlight app that can perform both front and back flash. The app is designed based on the "Material You" design system and it looks stunning. The app supports both light and dark themes and supports dynamic theming.

🔗 Links:
- Download
- Screenshots
- Features
- Source code
Developer: Mehedi Hasan

❤️ Support the Project

If this project makes your life easier, here are a few quick ways to show some love:

⭐ Star the repo/app
☕ Buy a coffee for the developer
🛠 Contribute code, issues, or pull-requests

🏷 Tags: #Android #Utilities

Xiaomi’s First Smartphone Chip Is Real — Meet the XRING 01
https://www.gizchina.com/2025/05/15/xiaomis-first-smartphone-chip-is-real-meet-the-xring-01/

Oppo Reno14 and Reno14 Pro released with big batteries and quad 50MP cameras
https://www.gizchina.com/2025/05/15/oppo-launches-reno14-and-reno14-pro/

Meizu set to unveil five new phones and smart wearables on May 20
https://www.gizchina.com/2025/05/15/meizu-set-to-unveil-five-new-phones-and-smart-wearables-on-may-20/

Ulefone Armor 28 Series Advantage: A Robust Accessories Ecosystem
https://www.gizchina.com/2025/05/15/ulefone-armor-28-series-advantage-a-robust-accessories-ecosystem/

More on the Steam hack. Given the royal runaround and third party services involved, the details remain unclear if those accounts are at risk or not. With an ever connected world third parties exchanging secure information can become liabilities quickly.

https://www.xda-developers.com/valve-confirms-the-steam-breach-is-real/

Use GrapheneOS and tell Google to pound sand or use F-Droid to install.

https://news.itsfoss.com/google-gatekeeping-nextcloud/

Voltage OS custom gsi rom for any device major features 🔥

Pure AOSP performance with major features
https://youtu.be/hgvkwz_M4f8

🚨 Another Ivanti exploit ALERT!

Attackers are chaining two new flaws (CVE-2025-4427, 4428) for remote code execution on vulnerable EPMM versions.

— Risk: Auth bypass ➕ RCE
— Exploited: Yes (limited cases)

⚠️ Act fast—patch now / read more: https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html

🚨 Critical Fortinet 0-Day Exploited in Attacks!

Hackers are hitting FortiVoice systems in the wild—logging creds, wiping crash logs, scanning networks.

CVE-2025-32756 (CVSS 9.6) affects:
—FortiVoice, FortiMail, FortiNDR
—FortiRecorder, FortiCamera

Exploitable without login via crafted HTTP requests.

🔗 Details: https://thehackernews.com/2025/05/fortinet-patches-cve-2025-32756-zero.html

🛑 5 Microsoft zero-days exploited in the wild!

One flaw lets attackers hijack full system control—just by visiting a webpage.

◆ 78 flaws fixed — 11 critical
◆ CVE-2025-30397 to 32709 now in CISA’s KEV list
◆ 10.0 CVSS bug in Azure DevOps Server

🔗 Details here: https://thehackernews.com/2025/05/microsoft-fixes-78-flaws-5-zero-days.html

🛡️ Don’t wait. Patch now.

🚨 URGENT UPDATE: Another SAP flaw under active exploitation!

CVE-2025-42999 (CVSS 9.1) is now confirmed actively exploited — allows attackers to execute commands via insecure deserialization in NetWeaver.

🛠 Patch now: SAP Note 3604119

Read: https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html

👀 UPDATE: Android just got its own Lockdown Mode.

• Tamper-proof Intrusion Logging
• Scam alerts during banking calls
• Lock screen OTP protection
• Upgraded app threat detection

🔒 Rolling out on Android 11+ | Full launch this summer.

📲 What’s new & how it protects you: https://thehackernews.com/2025/05/google-rolls-out-on-device-ai.html

🚨 Invoice Email? Think Twice.

A stealthy phishing campaign is hitting Windows users in Latin America—disguised as financial docs, but dropping Horabot malware instead.

👀 Hijacks inboxes
📩 Spreads via Outlook
💰 Targets banking data

🔗 Full details here → https://thehackernews.com/2025/05/horabot-malware-targets-6-latin.html

🚨 Drone supply chains under attack!

Earth Ammit, a likely China-linked group, ran two stealthy ops—VENOM & TIDRONE—to breach drone and defense industries in Taiwan & South Korea.

They’re not hitting targets directly. They’re hijacking the software vendors you trust.

🔗 Read: https://thehackernews.com/2025/05/earth-ammit-breached-drone-supply.html

🔥 Cyber attacks are up. Skills still lag.

Verizon’s 2025 DBIR reports an 18% jump in breaches, with vuln exploitation up 34% YoY. Yet most orgs rely too much on tools.

Want real defense? Train every team to think like an attacker.

From new analysts to execs—offensive training builds sharper instincts, faster response, and better strategy.

🔗 Learn how: https://thehackernews.com/2025/05/learning-how-to-hack-why-offensive.html

SANS Offensive Ops East → Jun 8–14 | San Antonio → Aug 4–9

⚡ Free AI Security Assessment from Vanta

Whether your company is using, building with, or developing AI, Vanta’s AI Security Assessment outlines the most critical and common considerations across any AI program—from governance to risk, to data privacy, incident management, and more.

Download it for free here: https://thn.news/ai-security-assessment-template

🚨 14,000+ fake URLs.

A massive phishing campaign—Meta Mirage—is hijacking Meta Business Suite users with scarily real fake alerts.

◆︎ 78% of malicious links went unblocked by browsers.
◆︎ Hosted on trusted platforms like GitHub & Firebase.
◆︎ Looks legit. Hits hard. You won’t see it coming.

🔐 CTM360 just dropped the full intel: https://thehackernews.com/2025/05/ctm360-identifies-surge-in-phishing.html

🚨 $8.4B in shadow deals—run from Telegram.

A Chinese-language black market called Xinbi Guarantee quietly moved billions in crypto since 2022.

What’s inside? Think: stolen data, fake IDs, laundering services—and more.

👀 The full story is darker than you think: https://thehackernews.com/2025/05/xinbi-telegram-market-tied-to-84b-in.html