NEWS

Zero-click Dolby audio bug lets attackers run code on Android and Windows devices

October 22, 2025

The bug, tracked as CVE-2025-54957, could let attackers run code via audio files.

A man looking at s Windows 11 logo on a computer screen

Windows update breaks USB support in recovery mode

October 21, 2025

Microsoft’s October update disabled USB keyboards and mice in Windows Recovery Mode, leaving unlucky users with two problems for the price of one.

poison

You can poison AI with just 250 dodgy documents

October 21, 2025

Anthropic’s new research shows how easy it could be to poison AI models—proof that even small manipulations can have big effects.

Project Red Hook investigates scam texts

Chinese gangs made over $1 billion targeting Americans with scam texts

October 20, 2025

Chinese gangs are using US SIM farms and money mules to run industrial-scale text scams that steal and launder Americans’ card data.

week in security

A week in security (October 13 – October 19)

October 20, 2025

A list of topics we covered in the week of October 13 to October 19 of 2025

Prosper logo

Prosper data breach puts 17 million people at risk of identity theft

October 17, 2025

While Prosper says no funds or accounts were accessed, the stolen data could lead to targeted phishing and identity theft.

Looks like we’re stuck with Zoom: Is it any safer?

Video call app Huddle01 exposed 600K+ user logs

October 16, 2025

Privacy left the chat. A misconfigured Kafka broker effectively undid the anonymity many users rely on.

Mango logo

Mango discloses data breach at third-party provider

October 16, 2025

The fashion retailer says a breach at a marketing partner exposed limited contact details—but no financial data or passwords.

Roku

Roku accused of selling children’s data to advertisers and brokers

October 16, 2025

Florida claims Roku ignored clear signs its users were minors, collecting and selling viewing habits, voice recordings and precise locations.