Hey, security vendors.. this is a bullshit anti-pattern. This vendor and others like it intentionally leave out the impacted vendor, products, technologies, and environments. There is zero context here. Readers would need to follow the link or independently research the CVE to see if they care.

Security practitioners see it for what it is: Fear based traffic farming.

It isn't a good look and many of us will never trust anything you say or send you traffic.

A note, I do work for a security vendor. We don't do this and I would absolutely call out our (awesome) marketing or research teams if we did.

#Security #cybersecurity #zeroday #threatintel

Hey, security vendors.. this is a bullshit anti-pattern. This vendor and others like it intentionally leave out the impacted vendor, products, technologies, and environments. There is zero context here. Readers would need to follow the link or independently research the CVE to see if they care.

Security practitioners see it for what it is: Fear based traffic farming.

It isn't a good look and many of us will never trust anything you say or send you traffic.

A note, I do work for a security vendor. We don't do this and I would absolutely call out our (awesome) marketing or research teams if we did.

#Security #cybersecurity #zeroday #threatintel

⚠️ Apple patches decade-old iOS zero-day exploited in the wild

｢ CVE-2026-20700, discovered by Google's Threat Analysis Group, affects dyld - Apple's dynamic linker - and allows attackers with memory write capability to execute arbitrary code. Apple said the flaw was exploited in the wild and may have been part of an exploit chain ｣

https://www.theregister.com/2026/02/12/apple_ios_263/

#apple #zeroday #cybersecurity #CVE202620700

⚠️ Apple patches decade-old iOS zero-day exploited in the wild

｢ CVE-2026-20700, discovered by Google's Threat Analysis Group, affects dyld - Apple's dynamic linker - and allows attackers with memory write capability to execute arbitrary code. Apple said the flaw was exploited in the wild and may have been part of an exploit chain ｣

https://www.theregister.com/2026/02/12/apple_ios_263/

#apple #zeroday #cybersecurity #CVE202620700

Cloudflare zero-day: Accessing any host globally

https://fearsoff.org/research/cloudflare-acme

#HackerNews #Cloudflare #ZeroDay #CloudSecurity #CyberThreats #Vulnerability #Research #AccessControl

🚨 Mozilla drops urgent Firefox update patching 16 vulnerabilities incl. critical remote code execution & sandbox escapes in versions 145 & ESR 115.30/140.5. Users must update NOW to stay safe! 🔐🔥 Details: https://gbhackers.com/mozilla-issues-urgent-firefox-update-2/ #CyberSecurity #FirefoxUpdate #ZeroDay #newz

@pallenberg
Wer weiß, wie viele Geheimdienste die #sicherheitslucken schon lange kennen, aber keinen was sagen, weil sie die Lücke selbst nutzen wollen.

Diese staatliche #Hacking-Strategie ist eine Katastrophe. Vor allem das kaufen und geheim halten von #ZeroDay|s. Die wissen dass eine Schwachstelle verkauft wird, alle User sind angreifbar, sie wissen nicht von wenn alles, aber sie sagen niemandem etwas, und finanzieren durch ihren Kauf #blackhats (kriminelle Hacker).

Hackers can steal 2FA codes and private messages from Android phones

> Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data in less than 30 seconds.

> The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet.

> The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work. Google released mitigations last month, but the researchers said a modified version of the attack works even when the update is installed.
https://arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/ #Android #Cybersecurity #InfoSec #2FA #Privacy #Pixnapping #GooglePixel #Samsung #MobileSecurity #DataBreach #ZeroDay #TechNews #Hacking

Hackers can steal 2FA codes and private messages from Android phones

> Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data in less than 30 seconds.

> The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet.

> The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work. Google released mitigations last month, but the researchers said a modified version of the attack works even when the update is installed.
https://arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/ #Android #Cybersecurity #InfoSec #2FA #Privacy #Pixnapping #GooglePixel #Samsung #MobileSecurity #DataBreach #ZeroDay #TechNews #Hacking

“Microsoft has released patches to “fully protect” SharePoint 2019 and SharePoint Subscription Edition servers, and the company is actively working on a patch for SharePoint 2016.

#CISA …says that the scope and impact of the attacks are still being assessed, and that any servers that have been impacted by the exploit should be disconnected from the internet until an official resolution is available.”

#Sharepoint #zerodayhttps://mastodon.social/@verge/114890559136880575

https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html

Disclosure of the vulnerabilities: https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

No updates or official statements available yet. ☠️

#Security#Privacy#Audio#Airoha#ZeroDay

https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html

Disclosure of the vulnerabilities: https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

No updates or official statements available yet. ☠️

#Security#Privacy#Audio#Airoha#ZeroDay