Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT.
Internet of things
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems
TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, tracked as CVE-2026-0629 (CVSS score 8.7), affecting over 32 VIGI C and VIGI InSight camera models. The vulnerability lets attackers on a local network bypass […]
Hacking Wheelchairs over Bluetooth
Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory.
CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the…
Firmware scanning time, cost, and where teams run EMBA
Security teams that deal with connected devices often end up running long firmware scans overnight, checking progress in the morning, and trying to explain to colleagues why a single image consumed a workday of compute time. That routine sets the conte…
Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers. The vulnerability is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’), […]
IoT Hack
Someone hacked an Italian ferry.
It looks like the malware was installed by someone on the ferry, and not remotely.
Henkel CISO on the messy truth of monitoring factories built across decades
In this Help Net Security interview, Stefan Braun, CISO at Henkel, discusses how smart manufacturing environments introduce new cybersecurity risks. He explains where single points of failure hide, how attackers exploit legacy systems, and why monitori…
New ASUS firmware patches critical AiCloud vulnerability
ASUS released new firmware to address multiple vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. ASUS has issued new firmware addressing nine security vulnerabilities, including a critical authentication bypass, tracked as CVE-2025-59366 (CVSS score of 9.2), affecting routers with AiCloud enabled. “Researchers have reported potential vulnerabilities in ASUS Router. ASUS has […]
IT threat evolution in Q3 2025. Non-mobile statistics
The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025.
Wi-Fi signals may hold the key to touchless access control
Imagine walking into a secure building where the door unlocks the moment your hand hovers near it. No keycards, no PINs, no fingerprints. Instead, the system identifies you by the way your palm distorts the surrounding Wi-Fi signal. That is the idea be…