The two critical security vulnerabilities impact multiple WiFi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming router models (XR1000, XR1000v2, XR500).

According to Positive Technologies researchers who discovered the campaign and reported it to PyPI, the packages posing as Python clients for DeepSeek AI were infostealers that stole data from developers who utilized them.

This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation security flaw in the Android Kernel's USB Video Class driver that allows authenticated local threat actors to elevate privileges in low-complexity attacks.

A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation.

The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks.

Hackers have compromised the Windows version of the DogWifTools software for promoting meme coins on the Solana blockchain in a supply-chain attack that drained users' wallets.

Since the three flaws SonarQube discovered remain unpatched, Voyager users should consider restricting access to trusted users only, limiting "browse_media" permissions to prevent unauthorized file uploads, and using RBAC to minimize exposure.

The malware family was introduced in 2023, and a second version that added persistence mechanisms was released later. The third variant, 'Aquabotv3,' introduced a system that detects termination signals and sends the info to the C2 server.

The FLOP and SLAP side-channel attacks target features aimed at speeding up processing by guessing future instructions instead of waiting for them can leave traces in memory to extract sensitive information.

The zero-day fixed today is tracked as CVE-2025-24085 [iOS/iPadOS, macOS, tvOS, watchOS, visionOS] and is a privilege escalation security flaw in Apple's Core Media framework.