Sign-up

VARIoT news about IoT security

Google Fast Pair WhisperPair flaws allow Bluetooth device hijacking | Fox News

Trust: 3.5

Fetched: Jan. 27, 2026, 6:56 p.m., Published: Jan. 27, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: pixel
vendor: google model: android
vendor: apple model: software update
vendor: apple model: iphone
vendor: oneplus model: one
vendor: oneplus model: oneplus

CVE-2026-20045 | Tenable®

Trust: 3.5

Fetched: Jan. 27, 2026, 6:55 p.m., Published: Jan. 22, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20045

How to spot and stop everyday cyberattacks | PCWorld

Trust: 4.25

Fetched: Jan. 27, 2026, 6:55 p.m., Published: Jan. 27, 2026, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
vendor: apple model: mac os

Mass Exploitation Of Fortinet FortiGate Via FortiCloud SSO Vulnerability CVE-2025-59718

Trust: 3.75

Fetched: Jan. 27, 2026, 6:54 p.m., Published: Jan. 26, 2026, 2:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59718, CVE-2025-59719

Approve, block, unblock, or delete a managed device - Google Workspace Admin Help

Trust: 3.5

Fetched: Jan. 27, 2026, 6:53 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android

2026 Device Vulnerabilities Surge: AI Exploits Threaten IoT and Infrastructure

Trust: 4.5

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 25, 2026, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
db: NVD ids: CVE-2026-22910, CVE-2026-22920

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data | TechRadar

Trust: 4.0

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 23, 2026, 3:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59719, CVE-2025-59718

WhisperPair: What the New Bluetooth Fast Pair Vulnerability Means for Your Devices

Trust: 3.75

Fetched: Jan. 25, 2026, 9:27 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: oneplus model: 3
vendor: oneplus model: oneplus
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-36911

Audio Accessory Flaw Turns Headphones into a Spy Device - Breach Spot

Trust: 3.0

Fetched: Jan. 25, 2026, 9:24 a.m., Published: Jan. 24, 2026, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-36911

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Trust: 4.0

Fetched: Jan. 25, 2026, 9:23 a.m., Published: Jan. 23, 2026, 12:30 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59719, CVE-2025-59718

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Trust: 4.5

Fetched: Jan. 25, 2026, 9:18 a.m., Published: Jan. 22, 2026, 4:06 a.m.
 Vulnerabilities: privilege escalation, improper validation
Affected productsExternal IDs
vendor: cisco model: asyncos software
vendor: cisco model: cisco unity
vendor: cisco model: unity connection
vendor: cisco model: unity
vendor: cisco model: cisco unity connection
vendor: cisco model: asyncos
vendor: cisco model: webex
vendor: cisco model: unified communications
db: NVD ids: CVE-2026-20045, CVE-2025-20393

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Jan. 25, 2026, 9:17 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Find, secure, or erase a lost Android device - Google Account Help

Trust: 3.0

Fetched: Jan. 25, 2026, 9:15 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery

Trust: 5.75

Fetched: Jan. 23, 2026, 9:59 a.m., Published: Jan. 21, 2026, 9:31 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-2026-0629

Update Canonical Ubuntu Server: USN-7967-1: Avahi vulnerabilities

Trust: 5.75

Fetched: Jan. 23, 2026, 9:58 a.m., Published: Jan. 23, 7967, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: avahi model: avahi
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-68471, CVE-2025-68276, CVE-2025-68468

🚨Why End-of-Life Devices Are a Silent Cyber Risk By Ayomiposi Okimi Cybersecurity | Threat Intelligence | Security Research

Trust: 5.75

Fetched: Jan. 23, 2026, 9:57 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: d-link model: router
db: NVD ids: CVE-2026-0625

Update Canonical Ubuntu Server: USN-7968-1: Apache HTTP Server vulnerabilities

Trust: 6.25

Fetched: Jan. 23, 2026, 9:57 a.m., Published: Jan. 23, 7968, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-58098, CVE-2025-66200, CVE-2025-65082, CVE-2025-55753

FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data

Trust: 3.5

Fetched: Jan. 23, 2026, 9:56 a.m., Published: Jan. 23, 2026, midnight
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59718, CVE-2025-59719

Rockwell Automation Verve Asset Manager | CISA

Trust: 3.75

Fetched: Jan. 23, 2026, 9:56 a.m., Published: May 23, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ansible model: ansible
db: NVD ids: CVE-2025-14376, CVE-2025-14377

TP-Link Authentication Bypass Vulnerability Puts Routers at Risk

Trust: 4.5

Fetched: Jan. 23, 2026, 9:55 a.m., Published: Jan. 21, 2026, midnight
 Vulnerabilities: authentication bypass, default credentials, password recovery flaw
Affected productsExternal IDs
vendor: tp-link model: routers