Sign-up

VARIoT news about IoT security

Device Leak Mitigation in Linux Kernel's DMA Engine: CVE-2025-71187

Trust: 3.25

Fetched: Feb. 8, 2026, 9:16 a.m., Published: Jan. 31, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-71187

Device Leak Fix in Linux Kernel's DMA Engine: CVE-2025-71185

Trust: 3.25

Fetched: Feb. 8, 2026, 9:15 a.m., Published: Jan. 31, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-71185

Over a Billion Android Devices at Risk: Google Warns of Security Vulnerabilities

Trust: 3.0

Fetched: Feb. 8, 2026, 9:12 a.m., Published: Feb. 8, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Feb. 8, 2026, 9:10 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Update Canonical Ubuntu Desktop: USN-7994-1: MySQL vulnerabilities

Trust: 3.25

Fetched: Feb. 6, 2026, 9:44 a.m., Published: Jan. 6, 7994, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Update Canonical Ubuntu Server: USN-7993-1: libpng vulnerabilities

Trust: 4.25

Fetched: Feb. 6, 2026, 9:43 a.m., Published: Jan. 6, 7993, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Surge Protection Devices Market in the United Kingdom | Report - IndexBox - Prices, Size, Forecast, and Companies

Trust: 3.75

Fetched: Feb. 6, 2026, 9:42 a.m., Published: Feb. 4, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Ivanti's Enterprise Mobility Manager Under Siege as Zero-Day Vulnerabilities Trigger Widespread Exploitation Campaign

Trust: 3.5

Fetched: Feb. 6, 2026, 9:40 a.m., Published: Feb. 4, 2026, 11:45 a.m.
 Vulnerabilities: code execution, authentication bypass, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-11639, CVE-2025-0282

Critical TP-Link Vulnerabilities Demand Immediate Firmware Updates - Cyber Web Spider Blog - News

Trust: 4.0

Fetched: Feb. 6, 2026, 9:40 a.m., Published: Feb. 5, 2026, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
vendor: tp-link model: routers

TP-Link Archer C7 Firmware Vulnerability Exposed | Luis Oria Seidel posted on the topic | LinkedIn

Trust: 4.5

Fetched: Feb. 6, 2026, 9:40 a.m., Published: -
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: tplink model: routers
vendor: tplink model: archer c7
vendor: tplink model: archer c7 firmware
vendor: tp-link model: routers
vendor: tp-link model: archer c7
vendor: tp-link model: archer c7 firmware

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Trust: 6.0

Fetched: Feb. 6, 2026, 9:39 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-59719, CVE-2025-59718, CVE-2020-0601, CVE-2026-24858, CVE-2020-6007

CISA Quietly Refreshes List of Ransomware Exploited Vulnerabilities - Cyber Warriors Middle East

Trust: 3.5

Fetched: Feb. 6, 2026, 9:39 a.m., Published: Feb. 4, 2026, 8:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks

TP-Link Vulnerabilities Let Hackers Take Full Control of Devices

Trust: 4.5

Fetched: Feb. 6, 2026, 9:39 a.m., Published: Feb. 4, 2026, 2:06 p.m.
 Vulnerabilities: traffic interception, command injection
Affected productsExternal IDs
vendor: google model: home
vendor: google model: wi-fi router
db: NVD ids: CVE-2026-22227, CVE-2026-22222, CVE-2026-22225, CVE-2026-22229, CVE-2026-22221, CVE-2026-22223, CVE-2026-0631, CVE-2026-0630, CVE-2026-22224, CVE-2026-22226

Zero-Days in Plain Sight as Office Exploits and Mobile Manager Breaches Drove a Week of Active Attacks

Trust: 4.5

Fetched: Feb. 6, 2026, 9:38 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: code execution, feature bypass, security feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-1340, CVE-2026-21509, CVE-2026-1281

Google warns 40% of Android phones at risk from malware and spyware amid outdated software - Sharp Daily

Trust: 3.0

Fetched: Feb. 6, 2026, 9:38 a.m., Published: Feb. 4, 2026, 11:52 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Industrial Alert: Critical Auth Bypass (CVSS 9.2) Hits Moxa Switches

Trust: 5.25

Fetched: Feb. 6, 2026, 9:38 a.m., Published: Feb. 5, 2026, 12:01 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-12297

CVE-2026-0714 - Moxa Industrial Computers TPM SPI Bus Physical Attack Vulnerability

Trust: 3.25

Fetched: Feb. 6, 2026, 9:37 a.m., Published: Feb. 5, 2026, 5:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-0714

CISA Silently Updates Vulnerabilities Exploited By Ransomware Groups

Trust: 3.75

Fetched: Feb. 6, 2026, 9:36 a.m., Published: Feb. 4, 2026, 8:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: check point model: express
vendor: check point model: check point
vendor: palo alto networks model: networks
vendor: palo model: networks

CISA Warns of Unpatched Avation & RISS Critical Flaws

Trust: 3.0

Fetched: Feb. 6, 2026, 9:36 a.m., Published: Feb. 5, 2026, 12:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-1341, CVE-2026-1632

BrightSign Players (Update A) | CISA

Trust: 4.75

Fetched: Feb. 6, 2026, 9:36 a.m., Published: Jan. 29, 2026, midnight
 Vulnerabilities: code execution, privilege escalation, default password...
Affected productsExternal IDs
db: NVD ids: CVE-2025-54756