Security
Headlines
HeadlinesLatestCVEs

Tag

#android

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories

Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them. What stands out is how little friction attackers now need. Some activity focused on quiet reach and coverage, others on timing and reuse. The emphasis

The Hacker News
Open in Source
#vulnerability#web#android#mac#windows#google#linux#dos#redis#js#git#java#wordpress#intel#c++#backdoor#rce#pdf#botnet#alibaba#samsung#auth#ssl#The Hacker News
Malicious Google Calendar invites could expose private data

Researchers showed how prompt injection hidden in a calendar invite can bypass privacy controls and turn an AI assistant into a data-leaking accomplice.

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in, often faster than security teams can react. This week’s stories show how easily a small mistake or hidden service can turn into a real

WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping

Researchers demonstrated WhisperPair, a set of attacks that can take control of many widely used Bluetooth earbuds and headphones without user interaction.

Dutch police sell fake tickets to show how easily scams work

A fake ticket website that ended with a digital finger-wag showed just how many people still fall for concert and sports ticket scams.

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave hits. Unauthenticated RCE risk Security Flaw in Redis

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers.

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS)

Verizon Outage Knocks Out US Mobile Service, Including Some 911 Calls

A major Verizon outage appeared to impact customers across the United States starting around noon ET on Wednesday. Calls to Verizon customers from other carriers may also be impacted.

Phishing scammers are posting fake “account restricted” comments on LinkedIn

Fake LinkedIn comments warning of account restrictions are designed to trick users into revealing their login details.