Skip to main content

IoT & Mobile Security

Smart home device sits in living room with city view through window.

Unpatched Shark Vacuum Flaw Exposes Regional Control Risk

A security flaw in Shark vacuums could put regional control at risk, as demonstrated by researcher tokay0, who exploited the vulnerability to run root commands on hundreds of thousands of devices in a single AWS region. This alarming weakness was discovered through a clever hack that allowed tokay0 to harvest serial numbers and execute commands remotely.

Analyst 207
Public EV charging station with one inactive charger in city square.

Flaws in EV Charger Security Expose Cities to Denial-of-Service Attacks

A security researcher recently demonstrated how easily electric vehicle chargers can be hacked, leaving cities vulnerable to denial-of-service attacks with just a few clicks. In a stunning Black Hat Asia presentation, he showed how typing a simple charger ID into a custom-built script could instantly render a charging port useless.

Analyst 207
Vehicle dashboard with cracked, glitchy screen displaying distorted map, set against blurred cityscape at dusk with ominous…

Transportation Sector Grapples with Rising Cyber Risks from Connected Vehicles

As modern trucks transform into data centers on wheels, loaded with sensors and connectivity, they also become vulnerable to cyber threats - turning transportation into a pressing cybersecurity issue. With their expanding attack surfaces, the transportation sector is racing against time to tackle the fast-evolving risks of connected vehicles.

Analyst 207
Coffee Machines Expose Corporate Networks to Hacking Risks

Coffee Machines Expose Corporate Networks to Hacking Risks

Your daily cup of coffee might be putting your company's network at risk of a massive breach, thanks to the humble coffee machine's connection to the internet. Connected devices like these can unwittingly create a backdoor for hackers into an otherwise secure environment.

Analyst 207
Google Tightens Android App Verification for Sideloaded Software

Google Tightens Android App Verification for Sideloaded Software

Google is shaking things up in the mobile world by introducing a new requirement for Android apps installed outside its official store: developers must now verify their identity to ensure user safety. This move aims to strike a balance between platform openness and protection from potential harm.

Analyst 207
Kimwolf Botnet Launches Alarming Attack on I2P Anonymity Network

Kimwolf Botnet Launches Alarming Attack on I2P Anonymity Network

The Kimwolf botnet, a vast army of hijacked IoT devices, has launched a shocking assault on the Invisible Internet Project (I2P), a network that protects users' online anonymity. This brazen attack marks a new chapter in the cat-and-mouse game between cybercriminals and those fighting to keep the internet secure.

Analyst 207
Critical Flaw Exposes 7,000 Robot Vacuums to Alarming Remote Hacking Risk

Critical Flaw Exposes 7,000 Robot Vacuums to Alarming Remote Hacking Risk

A security researcher recently discovered a critical flaw that leaves around 7,000 robot vacuums vulnerable to remote hacking, raising alarming concerns about the safety of our increasingly connected lives. This startling finding highlights the dark side of the Internet of Things (IoT) and the urgent need for better device security.

Analyst 207
Feds Disrupt Critical IoT Botnets Behind Alarming DDoS Attacks

Feds Disrupt Critical IoT Botnets Behind Alarming DDoS Attacks

The US Department of Justice has just scored a major win against cyber threats, dismantling four notorious IoT botnets responsible for alarming DDoS attacks that crippled websites and disrupted critical infrastructure. This bold move has taken down over three million hijacked devices, shielding millions of users from digital assaults.

Analyst 207
Prompt Injection Via Road Signs: Exclusive Dangerous Threat

Prompt Injection Via Road Signs: Exclusive Dangerous Threat

Imagine a weathered roadside sign quietly telling a self-driving car to stop on a busy highway — that’s the real and rising threat of prompt injection, where attackers hide natural-language commands in stickers, posters, or paint to hijack drones, delivery bots, and autonomous vehicles. As embodied AI fuses vision and language, these deceptive visuals become a dangerous new attack surface.

Analyst 207
Hacking Wheelchairs over Bluetooth: Exclusive Danger Alert

Hacking Wheelchairs over Bluetooth: Exclusive Danger Alert

Imagine someone nearby pairing with your motorized wheelchair over Bluetooth without authentication — researchers proved it can be done, and CISA warns attackers could steer, speed up, or change settings without consent. That missing security step turns a lifesaving device into a serious safety and privacy risk that needs fixing now.

Analyst 207
Aisuru and Kimwolf Botnets: Exclusive Winners Revealed

Aisuru and Kimwolf Botnets: Exclusive Winners Revealed

Discover how Aisuru and Kimwolf turned everyday cheap devices—routers and gray‑market Android TV boxes—into a near‑unstoppable DDoS army that forced ISPs into impossible tradeoffs, revealing how lax supply chains and low‑cost hardware became attackers’ greatest advantage.

Analyst 207
Kimwolf Botnet Exclusive: Severe Local Network Threat

Kimwolf Botnet Exclusive: Severe Local Network Threat

If your router were a wolf at the door, would you still leave the latch open? The Kimwolf botnet has been hijacking routers to steal credentials, alter traffic, and keep persistent access—update firmware, remove WAN management, and change default passwords now.

Analyst 207
Kimwolf Botnet Exclusive: Dangerous Local Network Risk

Kimwolf Botnet Exclusive: Dangerous Local Network Risk

Think your home network is private? The Kimwolf botnet has quietly been recruiting devices across local LANs for months—weaponizing internal connections to evade detection and turn everyday gadgets into a powerful, low-latency attack cluster that can threaten everything from your living room to national infrastructure.

Analyst 207
Kimwolf Botnet Exclusive: Dangerous Local Network Alert

Kimwolf Botnet Exclusive: Dangerous Local Network Alert

Think your home network is a locked room? Researchers warn the Kimwolf botnet is quietly replacing the lock—compromising routers and IoT devices to build stealthy footholds for DDoS, data theft, or lateral attacks.

Analyst 207
Kimwolf Botnet: Exclusive Warning on Dangerous Local Threat

Kimwolf Botnet: Exclusive Warning on Dangerous Local Threat

The Kimwolf botnet is quietly hijacking routers and management consoles to turn whole local networks into persistent, hard-to-detect attack platforms. If you haven’t checked firmware, disabled remote admin, or changed default credentials lately, now’s the time—this is an active, targeted campaign.

Analyst 207
Android TV Exclusive: Dangerous Botnet Risk Revealed

Android TV Exclusive: Dangerous Botnet Risk Revealed

Think that bargain Android TV box is just for streaming? Security researchers warn Superbox devices can quietly turn your home network into a botnet relay, routing criminal traffic and exposing you to fraud and legal trouble.

Analyst 207
Android TV streaming box: Exclusive Dangerous botnet alert

Android TV streaming box: Exclusive Dangerous botnet alert

Think twice before buying a bargain Android TV streaming box—some models quietly turn your home network into a botnet relay, routing illicit traffic that can slow your connection, invade your privacy and even expose you to legal risk. Here’s what to watch for so convenience doesn’t end up costing you more than you bargained for.

Analyst 207
Android TV Streaming Box Danger: Exclusive Security Alert

Android TV Streaming Box Danger: Exclusive Security Alert

If it sounds too good to be true, it probably is — investigative reporting reveals Superbox firmware can turn your Android TV into a hidden internet relay, exposing your home network to fraud and account-takeover schemes.

Analyst 207
Android TV: Must-Read Botnet Risk Alert

Android TV: Must-Read Botnet Risk Alert

Before you plug in that bargain Android TV box, know this: researchers say some models secretly route other peoples internet traffic through your home, effectively turning the device into a botnet node and putting you at risk of fraud and legal trouble.

Analyst 207
IoT Hack: Exclusive Guide to Best Security Fixes

IoT Hack: Exclusive Guide to Best Security Fixes

A single USB on an Italian ferry turned convenience into crisis — a stark reminder that IoT is only as safe as the people and processes that touch it. This guide walks you through practical secure provisioning fixes to lock down device identity, segmentation, and access before the next on-site compromise.

Analyst 207
Chrome Extension Exclusive: Malicious Raydium Solana Fees

Chrome Extension Exclusive: Malicious Raydium Solana Fees

Think your trading extension has your back? Researchers uncovered Crypto Copilot — a Chrome add-on that stealthily skimmed tiny fees off Raydium Solana swaps to an attacker-controlled wallet, a stark reminder to vet permissions before installing extensions.

Analyst 207
ShadowRay 2.0 Exclusive: Dangerous GPU Botnet Threat

ShadowRay 2.0 Exclusive: Dangerous GPU Botnet Threat

Think your idle GPUs are harmless? ShadowRay 2.0 quietly turns misconfigured Ray clusters into a self‑replicating crypto‑mining botnet—using automated scans, scripted Docker deployments, and TOR to stay hidden—proving default or unauthenticated management interfaces are an invitation to sustained criminal profit.

Analyst 207
ThreatsDay Exclusive: Critical Cyber Threats Unveiled

ThreatsDay Exclusive: Critical Cyber Threats Unveiled

Think clicking a browser add-on or plugging in a smart camera is harmless? This ThreatsDay roundup exposes how weaponized everyday tools — from extensions and smart gadgets to satellite feeds and SMS — turn convenience into a covert battleground of surveillance, social engineering, and supply‑chain attacks.

Analyst 207
China-Linked WrtHug Exclusive: Dangerous ASUS Router Hijack

China-Linked WrtHug Exclusive: Dangerous ASUS Router Hijack

Imagine the little black box under your desk as a secret backdoor — SecurityScorecard has exposed WrtHug, a China-linked campaign hijacking thousands of ASUS routers to intercept traffic, steal credentials and quietly persist in homes and small businesses. It shows how exposed management interfaces and unpatched firmware can turn everyday routers into powerful spying and staging platforms.

Analyst 207