Security researchers have uncovered multiple vulnerabilities in Airoha Bluetooth chipsets, widely used in audio devices from brands like Sony, Bose, Jabra, JBL, and more. These flaws open the door to eavesdropping, unauthorized commands, and potential data theft. Researchers at ERNW identified three key vulnerabilities in Airoha’s system-on-chip (SoC) modules,
A critical path traversal vulnerability (CVE-2025-6218) in WinRAR has been patched after researchers discovered it could allow malware to execute automatically when extracting archives. The flaw received a CVSS score of 7.8 and was reported by security researcher whs3-detonator through Zero Day Initiative in early June 2025. Affected Versions
Another War Thunder player has been banned from the game’s official forums after posting a page from the AV-8B Harrier’s flight manual—marking at least the ninth known incident where users have leaked classified or restricted materials in an attempt to win arguments. This time, a user named
Researchers at Akamai have outlined two novel techniques that can be used to disable cryptocurrency-mining botnets. The methods exploit design flaws in common mining algorithms to halt cryptojacking operations. "We developed two techniques that abuse mining technologies and pool policies, allowing us to degrade the efficiency of mining botnets—
The maker of Trezor hardware crypto wallets is warning users about phishing attacks. Hackers exploited the company’s automated support system to send out malicious messages. The issue stems from the fact that anyone could open a support ticket on the company’s website by simply entering an arbitrary email
The developers of the Qilin ransomware have offered their partners access to legal team consultations to pressure victims into paying ransoms. This new feature was spotted by researchers from Israeli cybersecurity firm Cybereason, who noted that the ransomware’s affiliate panel now includes a "Call Lawyer" option. Additionally,
News
Positive Technologies expert Egor Filatov discovered a critical vulnerability in the Shortcuts app. If successfully exploited, the flaw could allow an attacker to gain full control over the device, including the ability to read, modify, and delete any information. Shortcuts was first introduced in macOS Monterey in 2021 and has