
FBI forced Flax Typhoon to abandon its botnet
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director …

Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)
Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for …

Critical bug allows remote compromise, control of millions of IoT devices (CVE-2021-28372)
A vulnerability (CVE-2021-28372) in the SDK that allows IoT devices to use ThroughTek’s Kalay P2P cloud platform could be exploited to remotely compromise and control …

Zyxel NAS, firewalls and LILIN DVRs and IP cameras conscripted into IoT botnets
A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates …

9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou …

DoS attacks against hard disk drives using acoustic signals
A group of Princeton and Purdue researchers has shown that it’s possible to mount a denial-of-service (DoS) attack against hard disk drives via acoustic signals. Threat …

RCE flaw affects DVRs sold by over 70 different vendors
RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors …
Featured news
Resources
Don't miss
- Threat actors are using legitimate Microsoft feature to compromise M365 accounts
- North Korean hackers spotted using ClickFix tactic to deliver malware
- Sandworm APT’s initial access subgroup hits organizations accross the globe
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)
- The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance