What the Flock is happening with license plate readers?
You’re driving home after another marathon day of work and kid-shuttling, nursing a lukewarm coffee in a mug that’s trying too hard. As you turn…
Author: Cybernoz
D-Link warns of new RCE flaws in end-of-life DIR-878 routers
D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is…
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a…
![[tl;dr sec] #306 - Claude Code's Hacking Campaign, Rust in Android, Secrets Scanners Miss](https://image.cybernoz.com/wp-content/uploads/2025/11/tldr-sec-306-Claude-Codes-Hacking-Campaign-Rust-in.png){kind=small}
[tl;dr sec] #306 – Claude Code’s Hacking Campaign, Rust in Android, Secrets Scanners Miss
I hope you’ve been doing well! I’m stoked to announce I’ll be doing a webinar with my friend Daniel Miessler on his epic AI setup.…
Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
Researchers are warning about an operating system command injection vulnerability in Fortinet FortiWeb just days after the company confirmed exploitation of a separate critical vulnerability…
New SonicWall SonicOS flaw allows hackers to crash firewalls
American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. Tracked as…
Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million
The U.S. Attorney’s Office, Southern District of New York, has announced the sentencing of Keonne Rodriguez and William Lonergan Hill, co-founders of Samourai Wallet, a…
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s built-in…
Swedish welfare authorities suspend ‘discriminatory’ AI model
A “discriminatory” artificial intelligence (AI) model used by Sweden’s social security agency to flag people for benefit fraud investigations has been suspended, following an intervention…
Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device
A new banking malware called Sturnus has emerged as a significant threat to mobile users across Europe. Security researchers have discovered that this sophisticated Android…
Oligo delivers runtime-native security for models and agents
Oligo Security announced new capabilities to protect the broadest spectrum of AI deployments, including AI applications, LLMs, and agentic AI. The new platform modules address…
Gmail can read your emails and attachments to train its AI, unless you opt out
Under the radar, Google has added features that allow Gmail to access all private messages and attachments for training its AI models. If you use…