Here’s a nice little distraction from your workday: Head to Google, type in any made-up phrase, add the word “meaning,” and search. Behold! Google’s AI Overviews will not only confirm that your gibberish is a real saying, it will also tell you what it means and how it was derived. This is genuinely fun, and … Read more
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. Active! mail is a web-based email client developed initially by TransWARE and later acquired by Qualitia, both Japanese companies. While it’s not widely used worldwide like Gmail or Outlook, Active! is often used as a groupware component … Read more
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. The vulnerability, tracked under CVE-2025-2492 and rated critical (CVSS v4 score: 9.2), is remotely exploitable via a specially crafted request and requires no authentication, making it particularly dangerous. … Read more
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw tracked as CVE-2025-24054 was fixed in Microsoft’s March 2025 Patch Tuesday. Initially, it was not marked as actively exploited and was assessed as ‘less likely’ to be. However, … Read more
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. Tracked as CVE-2021-20035, this security flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices. Successful exploitation can allow remote threat … Read more
Pixel smartphones typically enjoy timely and regular software updates over non-Pixel Android devices. This often proves crucial for addressing urgent fixes and security vulnerabilities. The April security update is no exception and is now rolling out to eligible Pixel models running Android 15. This update delivers a substantial set of fixes, most notably patching a critical … Read more
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the FortiSwitch web UI development team discovered the vulnerability (CVE-2024-48887) internally. Unauthenticated attackers can exploit this unverified FortiSwitch GUI password change security flaw (rated with a 9.8/10 … Read more
Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices. Described as a spoofing issue and tracked as CVE-2025-30401, this security flaw can be exploited by attackers by sending maliciously crafted files with altered file types to … Read more
The Nvidia RTX 5090 graphics cards appear to still be having trouble in the connector department, with a user reporting that their component experienced a melted cable. Reddit user Roachard recently shared their situation on the social media platform with images, having detailed that the incident happened while using an MSI GeForce RTX 5090 Gaming … Read more
With a mix of flexible cameras, clean software, and approachable prices, the Nothing Phone 3a and 3a Pro are some of the easiest budget Android phones to recommend, just so long as you don’t live in the US. I like the Nothing Phone 3a — the Phone 3a Pro, too, for that matter. I think … Read more