Sign-up

VARIoT news about IoT security

Worrying WatchGuard VPN bug could let hackers hijack your devices - here's how to stay safe - AIVAnet

Trust: 5.75

Fetched: Nov. 11, 2025, 9:22 a.m., Published: Oct. 21, 2025, 8:40 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
db: NVD ids: CVE-2025-9242

LANDFALL: Advanced Commercial-Grade Spyware Targeting Samsung Devices | eSecurity Planet

Trust: 4.5

Fetched: Nov. 11, 2025, 9:22 a.m., Published: Nov. 10, 2025, 3:39 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: palo model: networks
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

CVE-2025-43418 - Apple iOS Locked Device Information Disclosure Vulnerability

Trust: 6.0

Fetched: Nov. 11, 2025, 9:21 a.m., Published: Nov. 5, 2025, 7:15 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: apple model: iphone_os
db: NVD ids: CVE-2025-43418

CISA Warns of Actively Exploited 0-Day RCE Vulnerability in Samsung Mobile Devices

Trust: 3.5

Fetched: Nov. 11, 2025, 9:21 a.m., Published: Nov. 11, 2025, 7:19 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile

CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks

Trust: 5.75

Fetched: Nov. 11, 2025, 9:20 a.m., Published: Nov. 11, 2025, 6:53 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: note
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2025-21042

Qatar Cybersecurity Warns Users Of Android Device Threat: Zero Click Vulnerability

Trust: 3.0

Fetched: Nov. 11, 2025, 9:19 a.m., Published: Nov. 9, 2025, 1:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in

Trust: 4.25

Fetched: Nov. 11, 2025, 9:19 a.m., Published: Nov. 11, 2025, 12:35 p.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2025-21042

Commercial spyware targeted Samsung Galaxy users for months - iTnews

Trust: 4.75

Fetched: Nov. 11, 2025, 9:18 a.m., Published: Nov. 11, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: palo model: networks
vendor: google model: android
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

Seven QNAP Zero-Day Vulnerabilities Fixed Ahead of Pwn2Own 2025

Trust: 4.75

Fetched: Nov. 11, 2025, 9:18 a.m., Published: Nov. 9, 2025, 7 p.m.
 Vulnerabilities: privilege elevation, command injection, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-62840, CVE-2025-11837, CVE-2025-62849, CVE-2025-62847, CVE-2025-62848, CVE-2025-62842

Access Denied

Trust: 3.0

Fetched: Nov. 11, 2025, 9:17 a.m., Published: Nov. 18, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: samsung

Cross-Platform AI Browser Security: Multi-Device Protection Massachusetts | Kief Studio | Kief Studio

Trust: 4.25

Fetched: Nov. 11, 2025, 9:15 a.m., Published: Nov. 7, 2025, 3:04 a.m.
 Vulnerabilities: security bypass, information exposure
Affected productsExternal IDs
vendor: essential model: phone

Warning: Critical Dahua Security Flaw (CVE-2025-31702) Allows Full Takeover - Update Now! - CCTV Wiki

Trust: 5.0

Fetched: Nov. 11, 2025, 9:15 a.m., Published: Nov. 11, 2025, 3:22 a.m.
 Vulnerabilities: weak password
Affected productsExternal IDs
db: NVD ids: CVE-2025-31702

Samsung phones under threat from this dangerous new spyware cyberattack - here's how to stay safe | TechRadar

Trust: 5.75

Fetched: Nov. 11, 2025, 9:13 a.m., Published: Nov. 10, 2025, 4:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
db: NVD ids: CVE-2025-21042

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

Trust: 4.5

Fetched: Nov. 11, 2025, 9:11 a.m., Published: Nov. 7, 2025, 3 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: installer
vendor: apple model: mac os x
vendor: apple model: mac os
vendor: palo model: networks
vendor: google model: android
vendor: google model: home
vendor: google model: chrome
vendor: samsung model: mobile devices
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: gallery
vendor: samsung model: note
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

Multiple Cisco Contact Center Products Vulnerabilities - Cisco

Trust: 5.5

Fetched: Nov. 9, 2025, 11:36 a.m., Published: Nov. 5, 2025, 1:09 p.m.
 Vulnerabilities: directory traversal, file upload vulnerability, improper validation...
Affected productsExternal IDs
vendor: cisco model: cisco unified intelligence center
vendor: cisco model: unified intelligence center
vendor: cisco model: unified ccx
db: NVD ids: CVE-2025-20377, CVE-2025-20374, CVE-2025-20376, CVE-2025-20375

Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1

Trust: 5.5

Fetched: Nov. 9, 2025, 11:35 a.m., Published: Nov. 4, 2025, 3:01 a.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: iphone
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2025-43392, CVE-2025-43438, CVE-2025-43442, CVE-2025-43398, CVE-2025-43421, CVE-2025-43493, CVE-2025-43480, CVE-2025-43447, CVE-2025-43407, CVE-2025-43503, CVE-2025-43450, CVE-2025-43455, CVE-2025-43391, CVE-2025-43495, CVE-2025-43454, CVE-2025-43462, CVE-2025-43426, CVE-2025-43452, CVE-2025-43422, CVE-2025-43448, CVE-2025-43429

Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950) - Help Net Security

Trust: 5.25

Fetched: Nov. 9, 2025, 11:35 a.m., Published: Oct. 20, 2025, 4:23 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-6894, CVE-2025-6950, CVE-2025-6892, CVE-2025-6949, CVE-2025-6893

The Most Common DNS Security Risks in 2025 (And How to Mitigate Them)

Trust: 3.75

Fetched: Nov. 9, 2025, 11:34 a.m., Published: Jan. 14, 2024, 12:07 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: rising model: antivirus

Apple Issues Emergency Security Update For Multiple Critical Vulnerabilities Across Devices

Trust: 4.5

Fetched: Nov. 9, 2025, 11:33 a.m., Published: Nov. 3, 2025, midnight
 Vulnerabilities: system crash, information leak
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: safari
vendor: apple model: iphone
db: NVD ids: CVE-2025-43407, CVE-2025-43379, CVE-2025-43421, CVE-2025-43433, CVE-2025-43438, CVE-2025-43455, CVE-2025-43460, CVE-2025-43447, CVE-2025-43462, CVE-2025-43350

Google Releases Emergency Chrome Update to Patch Multiple RCE Vulnerabilities

Trust: 4.5

Fetched: Nov. 9, 2025, 11:33 a.m., Published: Nov. 6, 2025, 7:06 a.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome
db: NVD ids: CVE-2025-12726, CVE-2025-12725, CVE-2025-12729, CVE-2025-12728, CVE-2025-12727