IoT & Mobile Security

Unpatched Shark Vacuum Flaw Exposes Regional Control Risk
A security flaw in Shark vacuums could put regional control at risk, as demonstrated by researcher tokay0, who exploited the vulnerability to run root commands on hundreds of thousands of devices in a single AWS region. This alarming weakness was discovered through a clever hack that allowed tokay0 to harvest serial numbers and execute commands remotely.

Flaws in EV Charger Security Expose Cities to Denial-of-Service Attacks
A security researcher recently demonstrated how easily electric vehicle chargers can be hacked, leaving cities vulnerable to denial-of-service attacks with just a few clicks. In a stunning Black Hat Asia presentation, he showed how typing a simple charger ID into a custom-built script could instantly render a charging port useless.

Transportation Sector Grapples with Rising Cyber Risks from Connected Vehicles
As modern trucks transform into data centers on wheels, loaded with sensors and connectivity, they also become vulnerable to cyber threats - turning transportation into a pressing cybersecurity issue. With their expanding attack surfaces, the transportation sector is racing against time to tackle the fast-evolving risks of connected vehicles.

Coffee Machines Expose Corporate Networks to Hacking Risks
Your daily cup of coffee might be putting your company's network at risk of a massive breach, thanks to the humble coffee machine's connection to the internet. Connected devices like these can unwittingly create a backdoor for hackers into an otherwise secure environment.

Google Tightens Android App Verification for Sideloaded Software
Google is shaking things up in the mobile world by introducing a new requirement for Android apps installed outside its official store: developers must now verify their identity to ensure user safety. This move aims to strike a balance between platform openness and protection from potential harm.

Kimwolf Botnet Launches Alarming Attack on I2P Anonymity Network
The Kimwolf botnet, a vast army of hijacked IoT devices, has launched a shocking assault on the Invisible Internet Project (I2P), a network that protects users' online anonymity. This brazen attack marks a new chapter in the cat-and-mouse game between cybercriminals and those fighting to keep the internet secure.

Critical Flaw Exposes 7,000 Robot Vacuums to Alarming Remote Hacking Risk
A security researcher recently discovered a critical flaw that leaves around 7,000 robot vacuums vulnerable to remote hacking, raising alarming concerns about the safety of our increasingly connected lives. This startling finding highlights the dark side of the Internet of Things (IoT) and the urgent need for better device security.

Feds Disrupt Critical IoT Botnets Behind Alarming DDoS Attacks
The US Department of Justice has just scored a major win against cyber threats, dismantling four notorious IoT botnets responsible for alarming DDoS attacks that crippled websites and disrupted critical infrastructure. This bold move has taken down over three million hijacked devices, shielding millions of users from digital assaults.

Prompt Injection Via Road Signs: Exclusive Dangerous Threat
Imagine a weathered roadside sign quietly telling a self-driving car to stop on a busy highway — that’s the real and rising threat of prompt injection, where attackers hide natural-language commands in stickers, posters, or paint to hijack drones, delivery bots, and autonomous vehicles. As embodied AI fuses vision and language, these deceptive visuals become a dangerous new attack surface.

Hacking Wheelchairs over Bluetooth: Exclusive Danger Alert
Imagine someone nearby pairing with your motorized wheelchair over Bluetooth without authentication — researchers proved it can be done, and CISA warns attackers could steer, speed up, or change settings without consent. That missing security step turns a lifesaving device into a serious safety and privacy risk that needs fixing now.

Aisuru and Kimwolf Botnets: Exclusive Winners Revealed
Discover how Aisuru and Kimwolf turned everyday cheap devices—routers and gray‑market Android TV boxes—into a near‑unstoppable DDoS army that forced ISPs into impossible tradeoffs, revealing how lax supply chains and low‑cost hardware became attackers’ greatest advantage.

Kimwolf Botnet Exclusive: Severe Local Network Threat
If your router were a wolf at the door, would you still leave the latch open? The Kimwolf botnet has been hijacking routers to steal credentials, alter traffic, and keep persistent access—update firmware, remove WAN management, and change default passwords now.

Kimwolf Botnet Exclusive: Dangerous Local Network Risk
Think your home network is private? The Kimwolf botnet has quietly been recruiting devices across local LANs for months—weaponizing internal connections to evade detection and turn everyday gadgets into a powerful, low-latency attack cluster that can threaten everything from your living room to national infrastructure.

Kimwolf Botnet Exclusive: Dangerous Local Network Alert
Think your home network is a locked room? Researchers warn the Kimwolf botnet is quietly replacing the lock—compromising routers and IoT devices to build stealthy footholds for DDoS, data theft, or lateral attacks.

Kimwolf Botnet: Exclusive Warning on Dangerous Local Threat
The Kimwolf botnet is quietly hijacking routers and management consoles to turn whole local networks into persistent, hard-to-detect attack platforms. If you haven’t checked firmware, disabled remote admin, or changed default credentials lately, now’s the time—this is an active, targeted campaign.

Android TV Exclusive: Dangerous Botnet Risk Revealed
Think that bargain Android TV box is just for streaming? Security researchers warn Superbox devices can quietly turn your home network into a botnet relay, routing criminal traffic and exposing you to fraud and legal trouble.

Android TV streaming box: Exclusive Dangerous botnet alert
Think twice before buying a bargain Android TV streaming box—some models quietly turn your home network into a botnet relay, routing illicit traffic that can slow your connection, invade your privacy and even expose you to legal risk. Here’s what to watch for so convenience doesn’t end up costing you more than you bargained for.

Android TV Streaming Box Danger: Exclusive Security Alert
If it sounds too good to be true, it probably is — investigative reporting reveals Superbox firmware can turn your Android TV into a hidden internet relay, exposing your home network to fraud and account-takeover schemes.

Android TV: Must-Read Botnet Risk Alert
Before you plug in that bargain Android TV box, know this: researchers say some models secretly route other peoples internet traffic through your home, effectively turning the device into a botnet node and putting you at risk of fraud and legal trouble.

IoT Hack: Exclusive Guide to Best Security Fixes
A single USB on an Italian ferry turned convenience into crisis — a stark reminder that IoT is only as safe as the people and processes that touch it. This guide walks you through practical secure provisioning fixes to lock down device identity, segmentation, and access before the next on-site compromise.

Chrome Extension Exclusive: Malicious Raydium Solana Fees
Think your trading extension has your back? Researchers uncovered Crypto Copilot — a Chrome add-on that stealthily skimmed tiny fees off Raydium Solana swaps to an attacker-controlled wallet, a stark reminder to vet permissions before installing extensions.

ShadowRay 2.0 Exclusive: Dangerous GPU Botnet Threat
Think your idle GPUs are harmless? ShadowRay 2.0 quietly turns misconfigured Ray clusters into a self‑replicating crypto‑mining botnet—using automated scans, scripted Docker deployments, and TOR to stay hidden—proving default or unauthenticated management interfaces are an invitation to sustained criminal profit.

ThreatsDay Exclusive: Critical Cyber Threats Unveiled
Think clicking a browser add-on or plugging in a smart camera is harmless? This ThreatsDay roundup exposes how weaponized everyday tools — from extensions and smart gadgets to satellite feeds and SMS — turn convenience into a covert battleground of surveillance, social engineering, and supply‑chain attacks.

China-Linked WrtHug Exclusive: Dangerous ASUS Router Hijack
Imagine the little black box under your desk as a secret backdoor — SecurityScorecard has exposed WrtHug, a China-linked campaign hijacking thousands of ASUS routers to intercept traffic, steal credentials and quietly persist in homes and small businesses. It shows how exposed management interfaces and unpatched firmware can turn everyday routers into powerful spying and staging platforms.