Sign-up

VARIoT news about IoT security

Apple Fixes Zero-Day Flaw Used in macOS and iOS Attacks - gHacks Tech News

Trust: 5.5

Fetched: Feb. 13, 2026, 9:14 a.m., Published: Feb. 12, 2026, 11:13 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2025-43529, CVE-2025-14174, CVE-2026-20700

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Trust: 5.5

Fetched: Feb. 13, 2026, 9:14 a.m., Published: Feb. 12, 2026, 5:39 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: apple tv
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: watch
db: NVD ids: CVE-2025-43529, CVE-2025-14174, CVE-2026-20700

Apple patches zero-day flaw that could let attackers take control of devices | Malwarebytes

Trust: 4.5

Fetched: Feb. 13, 2026, 9:13 a.m., Published: Feb. 12, 2026, 11:40 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: apple tv
vendor: apple model: software update
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: watch
db: NVD ids: CVE-2025-43529, CVE-2025-14174, CVE-2026-20700

This Week in Cybersecurity: Active Exploits, AI Platform Vulnerabilities, and Data Exposure Risks

Trust: 3.75

Fetched: Feb. 11, 2026, 9:51 a.m., Published: Feb. 10, 2026, midnight
 Vulnerabilities: improper validation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-25253

TP-Link Archer C6 Router Vulnerabilities Exposed | Enigma Security posted on the topic | LinkedIn

Trust: 4.5

Fetched: Feb. 11, 2026, 9:50 a.m., Published: -
 Vulnerabilities: buffer overflow, authentication bypass, privilege escalation
Affected productsExternal IDs
vendor: tplink model: routers
vendor: wireshark model: wireshark
vendor: tp-link model: routers

CVE-2026-2260 : Command Injection Vulnerability in D-Link DCS-931L Camera

Trust: 5.25

Fetched: Feb. 11, 2026, 9:49 a.m., Published: Feb. 10, 2026, 3:02 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dcs-931l
db: NVD ids: CVE-2026-2260

CVE-2026-20404 : Denial of Service Vulnerability in Modem by MediaTek

Related entries in the VARIoT vulnerabilities database: VAR-202602-0315

Trust: 4.5

Fetched: Feb. 11, 2026, 9:48 a.m., Published: Feb. 2, 2026, 8:14 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2026-20404

Ring Doorbell Security Issues: What Are Privacy Concerns & Can It Be Hacked?

Trust: 3.5

Fetched: Feb. 11, 2026, 9:47 a.m., Published: Feb. 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: google model: home
vendor: google model: android

WordPress Security Bulletin: PopupKit Plugin Vulnerability (CVE-2025-14895) | Freshy

Trust: 4.0

Fetched: Feb. 11, 2026, 9:46 a.m., Published: Feb. 10, 2026, 4:46 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-14895

Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features

Trust: 3.75

Fetched: Feb. 11, 2026, 9:45 a.m., Published: Jan. 15, 2026, 2:06 p.m.
 Vulnerabilities: security feature bypass, feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-20824

Hackers could exploit these W-Fi security flaws to knock your internet offline | TechRadar

Trust: 4.75

Fetched: Feb. 11, 2026, 9:40 a.m., Published: Jan. 19, 2026, 4:40 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: router
vendor: asus model: routers

GitHub - SpectrixDev/DIY_WhisperPair: Hijacking Bluetooth Accessories Using Google Fast Pair: WhisperPair CVE-2025-36911 Reference Implementation & Vulnerability Verification Toolkit

Trust: 3.5

Fetched: Feb. 11, 2026, 9:40 a.m., Published: Feb. 9, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-36911

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Feb. 11, 2026, 9:39 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

CVE-2025-11004 - Reflected XSS vulnerability in Simplicity Device Manager tool

Trust: 3.25

Fetched: Feb. 11, 2026, 9:37 a.m., Published: Feb. 10, 2026, 4:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-11004

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Feb. 11, 2026, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

European Commission Mobile Cyberattack Meets Swift Response

Trust: 3.75

Fetched: Feb. 10, 2026, 9:37 a.m., Published: Feb. 9, 2026, 7:19 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1281, CVE-2026-1340

European Commission MDM Hack Exposes Staff Data

Trust: 3.5

Fetched: Feb. 10, 2026, 9:37 a.m., Published: Feb. 10, 2026, 5:34 a.m.
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: barracuda model: barracuda
vendor: check point model: check point
vendor: barracuda networks model: barracuda

European Commission hit by cyberattackers targeting mobile management platform - Help Net Security

Trust: 4.0

Fetched: Feb. 10, 2026, 9:36 a.m., Published: Feb. 9, 2026, 2:02 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1281, CVE-2026-1340

Indian Govt Flags High-Risk Microsoft Edge Flaw, Urges Millions of Users to Update Immediately

Trust: 4.75

Fetched: Feb. 10, 2026, 9:36 a.m., Published: Feb. 5, 2026, 4:17 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

CVE-2025-41649: Critical Buffer Overflow Vulnerability Leading to Denial-of-Service (DoS) - Ameeba Exploit Tracker

Trust: 5.0

Fetched: Feb. 10, 2026, 9:34 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: buffer overflow, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-41649