All posts in Uncategorized

■■■■■  Google says 90 zero-days were exploited in attacks last year. Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances. https://www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/

⭐️CommandInWiFi: Exploiting SSID Storage in WiFi Scanning for Command Injection. https://github.com/V33RU/CommandInWiFi-Zeroclick

■■■■□ Cyber-War: A complete power outage in the Iraqi provinces allegedly due to a US-Israeli cyber attacks. ⚡Kirkuk ⚡Saladin ⚡Najaf ⚡Diyala ⚡Diwaniya ⚡Muthanna ⚡Babylon

■■■□□ Samsung Zero-Days 👾CVE-2025-62814 An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service. 👾CVE-2025-66363 An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS…

■■■■□ Attempting to detect smart glasses nearby and warn you. https://blog.adafruit.com/2026/03/02/attempting-to-detect-smart-glasses-nearby-and-warn-you/

■■□□□ 🇮🇱Conquerors Electronic Army claims a cyberattack targeting the College of Management Academic Studies in Israel.

■■■□□ Cyber capabilities used to target Iranian leader. Reportedly, cyber operations were instrumental in enabling – but not executing – the Israeli strike that killed Ayatollah Khamenei on Saturday. The killing itself was kinetic: ~30 Sparrow precision missiles fired by jets from over 1,000 km away, each capable of hitting a dining-table-sized target. The cyber…

■■■■□ CVE-2026-28774 An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters (such as the pipe | operator) into the flags parameter, leading to the execution of arbitrary operating system commands…

■■■□□  Microsoft: Hackers abuse OAuth error flows to spread malware. Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. https://www.bleepingcomputer.com/news/security/microsoft-hackers-abuse-oauth-error-flows-to-spread-malware/

■□□□□ Data-Leak:  LexisNexis confirms data breach as hackers leak stolen files American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some customer and business information. https://www.bleepingcomputer.com/news/security/lexisnexis-confirms-data-breach-as-hackers-leak-stolen-files/