All posts by John Doe

🤖 CVE-2025-48539 seems like an interesting bug! Android RCE over adjacent WiFi with no user interaction. https://osv.dev/vulnerability/ASB-A-406785684

■■□□□ The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. Everything to know about the mishap that threatened to expose millions of users’ queries. https://arstechnica.com/information-technology/2025/09/the-number-of-mis-issued-1-1-1-1-certificates-grows-heres-the-latest/

■■■□□ Researchers find secret ties and vulnerabilities in popular VPN apps. https://me.mashable.com/tech/60374/researchers-find-secret-ties-and-vulnerabilities-in-popular-vpn-apps

■■■■□ Unconfirmed: CVE-2025-48558 Android BatteryService Implicit Intent Hijacking. In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

■■■■□ Disinformation campaign to be launched: 🇮🇱 Google and YouTube signed $45 million deal with Israel to run propaganda ads related to Gaza. The deal is called “Hasbara”. The propaganda will be denying the genocide, the massive slaughter of children and that there is no famine in Gaza.

■□□□□ Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet The three certificates were issued in May but only came to light Wednesday. https://arstechnica.com/security/2025/09/mis-issued-certificates-for-1-1-1-1-dns-service-pose-a-threat-to-the-internet/

■■□□□ First-look at the dynamic hash-mode support in the upcoming hashcat, powered by the new Rust Bridge. No coding needed: Write your pattern on the command line. https://hashcat.net/beta

Google 🔍 Engineer dropped a book. A comprehensive guide to building agentic AI systems. Key points: Concepts: Prompt chaining, routing, memory, planning, safety, and evaluation. ✅Patterns: Design methods for multi-agent setups, tool-using agents, and autonomous workflows. ✅Hands-on: Code samples for implementing these patterns in real-world apps. ✅Goal: Help developers build reliable, scalable, and safe intelligent…

■■■□□ Zero-Day: CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks. CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks

■■□□□ DoS by network flood: Israeli private and government sectors are suffering from massive taledowns by hacker groups. Collectively; these groups are united against genocide and include pan religious hacktivists.