New Whitepaper: Exploiting Cellular-based IoT Devices

Rapid7 has released a whitepaper titled “The Weaponisation of Cellular Based IoT Technology,” by Deral Heiland, principal ...
Android Authority

New Qualcomm exploit chain brings bootloader unlocking freedom to Android flagships (Updated: Statement)

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...
Android

Qualcomm GBL Exploit Reportedly Enables Bootloader Unlocking on Flagships

A new Qualcomm GBL exploit is reportedly affecting Qualcomm SoCs, mainly the latest Snapdragon 8 Elite Gen 5. This enables bootloader unlocking on flagship phones that were previously difficult to ...
TechSpot

Hackers are selling a critical Windows zero-day exploit for $220,000 on the dark web

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...
Forbes

New ‘Powerful’ iOS Attack Warning Issued To Millions Of iPhone Users

An iOS warning has been issued by researchers after they discovered “a new and powerful” exploit kit targeting Apple iPhone models running iOS version 13 to 17.2.1. An iOS warning has been issued by ...
GitHub

safari_file_policy.rb

a file format that OS X might automount), and then execute it in /Volumes/[share].
GitHub

getgodm_http_response_bof.rb

the application to crash. This module has been tested successfully on Windows XP SP3.
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...
Bleeping Computer

Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker

Between 2022 and 2025, Williams stole at least eight protected exploit components intended for the exclusive use of the U.S. government and its allies and sold them to the Matrix Russian exploit ...
CoinDesk

Specialized AI detects 92% of real-world DeFi exploits

A purpose-built AI security agent detected vulnerabilities in 92% of exploited DeFi smart contracts in a new open-source benchmark. The study, released Thursday by AI security firm Cecuro, evaluated ...
GameSpot

Arc Raiders Dev Explains Why It Takes So Long To Ban Cheaters

GameSpot may get a commission from retail offers. Earlier this month, a duplication glitch in Arc Raiders left the door open for cheaters to run wild and duplicate almost any item in the game. Now ...
Infosecurity-magazine.com

Chinese APT Group Exploits Dell Zero-Day for Two Years

Dell has released a patch for a critical zero-day vulnerability in its RecoverPoint for Virtual Machines product, which Mandiant said has been silently exploited by a Chinese APT group since 2024. CVE ...