Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

2026 Device Vulnerabilities Surge: AI Exploits Threaten IoT and Infrastructure

Trust: 4.5

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 25, 2026, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
db: NVD ids: CVE-2026-22910, CVE-2026-22920

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data | TechRadar

Trust: 4.0

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 23, 2026, 3:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59719, CVE-2025-59718

WhisperPair: What the New Bluetooth Fast Pair Vulnerability Means for Your Devices

Trust: 3.75

Fetched: Jan. 25, 2026, 9:27 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: oneplus model: 3
vendor: oneplus model: oneplus
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-36911

Cisco Unified Communications Products Remote Code Execution Vulnerability - Cisco

Trust: 3.5

Fetched: Jan. 25, 2026, 9:24 a.m., Published: Jan. 23, 2026, 7:37 a.m.
 Vulnerabilities: code execution, improper validation
Affected productsExternal IDs
vendor: cisco model: cisco unified communications manager
vendor: cisco model: cisco unity
vendor: cisco model: unity connection
vendor: cisco model: cisco webex
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unity
vendor: cisco model: cisco unity connection
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: webex
vendor: cisco model: unified communications
vendor: cisco model: unified communications manager

Audio Accessory Flaw Turns Headphones into a Spy Device - Breach Spot

Trust: 3.0

Fetched: Jan. 25, 2026, 9:24 a.m., Published: Jan. 24, 2026, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-36911

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Trust: 4.0

Fetched: Jan. 25, 2026, 9:23 a.m., Published: Jan. 23, 2026, 12:30 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59719, CVE-2025-59718

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Trust: 4.5

Fetched: Jan. 25, 2026, 9:18 a.m., Published: Jan. 22, 2026, 4:06 a.m.
 Vulnerabilities: privilege escalation, improper validation
Affected productsExternal IDs
vendor: cisco model: asyncos software
vendor: cisco model: cisco unity
vendor: cisco model: unity connection
vendor: cisco model: unity
vendor: cisco model: cisco unity connection
vendor: cisco model: asyncos
vendor: cisco model: webex
vendor: cisco model: unified communications
db: NVD ids: CVE-2026-20045, CVE-2025-20393

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Jan. 25, 2026, 9:17 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Find, secure, or erase a lost Android device - Google Account Help

Trust: 3.0

Fetched: Jan. 25, 2026, 9:15 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery

Trust: 5.75

Fetched: Jan. 23, 2026, 9:59 a.m., Published: Jan. 21, 2026, 9:31 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-2026-0629

Update Canonical Ubuntu Server: USN-7967-1: Avahi vulnerabilities

Trust: 5.75

Fetched: Jan. 23, 2026, 9:58 a.m., Published: Jan. 23, 7967, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: avahi model: avahi
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-68471, CVE-2025-68276, CVE-2025-68468

🚨Why End-of-Life Devices Are a Silent Cyber Risk By Ayomiposi Okimi Cybersecurity | Threat Intelligence | Security Research

Trust: 5.75

Fetched: Jan. 23, 2026, 9:57 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: d-link model: router
db: NVD ids: CVE-2026-0625

Update Canonical Ubuntu Server: USN-7968-1: Apache HTTP Server vulnerabilities

Trust: 6.25

Fetched: Jan. 23, 2026, 9:57 a.m., Published: Jan. 23, 7968, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-58098, CVE-2025-66200, CVE-2025-65082, CVE-2025-55753

FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data

Trust: 3.5

Fetched: Jan. 23, 2026, 9:56 a.m., Published: Jan. 23, 2026, midnight
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59718, CVE-2025-59719

Rockwell Automation Verve Asset Manager | CISA

Trust: 3.75

Fetched: Jan. 23, 2026, 9:56 a.m., Published: May 23, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ansible model: ansible
db: NVD ids: CVE-2025-14376, CVE-2025-14377

TP-Link Authentication Bypass Vulnerability Puts Routers at Risk

Trust: 4.5

Fetched: Jan. 23, 2026, 9:55 a.m., Published: Jan. 21, 2026, midnight
 Vulnerabilities: authentication bypass, default credentials, password recovery flaw
Affected productsExternal IDs
vendor: tp-link model: routers

CVE-2026-0785 - ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability

Trust: 4.75

Fetched: Jan. 23, 2026, 9:55 a.m., Published: Jan. 23, 2026, 4:16 a.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-0785

Fortinet FortiGate exploited via SSO authentication abuse

Trust: 3.0

Fetched: Jan. 23, 2026, 9:54 a.m., Published: Jan. 22, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios

Telegram Vulnerability Exposed: Secret Chats Compromised | Luis Oria Seidel posted on the topic | LinkedIn

Trust: 3.25

Fetched: Jan. 23, 2026, 9:53 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wireshark model: wireshark

Pixel 9 Zero-Click Exploit Revealed: Audio Messages Hack << Android :: Gadget Hacks

Trust: 5.25

Fetched: Jan. 23, 2026, 9:52 a.m., Published: Jan. 16, 2026, 2:59 p.m.
 Vulnerabilities: memory corruption, code execution, integer overflow
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: android
vendor: samsung model: note
vendor: samsung model: galaxy
vendor: samsung model: android phone
vendor: samsung model: mobile phones
vendor: samsung model: samsung galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2025-54957