HackerWorkspace1d ago

Hacking on the Jiophone - From getting a rootshell to running Doom

https://sivaplaysmc.github.io/posts/doom-on-jiophone/

Short summary: https://hackerworkspace.com/article/hacking-on-the-jiophone-from-getting-a-rootshell-to-running-doom

#vulnerability #exploit #iotsecurity

Hacking on the Jiophone - From getting a rootshell to running Doom

A few days ago, I found an old Jiophone. At first, it appeared to be a simple, locked down KaiOS device. But after a day of tinkering around with it, I found myself running doom on it.

Binary Ruins
Offensive Sequence2d ago
CVE-2026-1679: HIGH severity buffer overflow in Zephyr RTOS (all versions). Local attackers can trigger kernel memory corruption via eswifi socket offload driver. Patch ASAP, enforce access controls. Details: https://radar.offseq.com/threat/cve-2026-1679-buffer-copy-without-checking-size-of-5ca8f17f #OffSeq #ZephyrRTOS #IoTSecurity #CVE
Offensive Sequence2d ago
🚨 CVE-2026-34205 (CRITICAL): Home Assistant OS ≀17.1 apps in host network mode expose unauthenticated endpoints to local networks. Upgrade to Supervisor 2026.03.02, segment networks, and review configs now! https://radar.offseq.com/threat/cve-2026-34205-cwe-923-improper-restriction-of-com-dfad0bbb #OffSeq #HomeAssistant #IoTSecurity
HackerWorkspaceMar 23

eMMC Firmware Extraction - Hacking an AI Toy Robot

https://www.youtube.com/watch?v=Rl6_3ZWJbqA

#cybersecurity #iotsecurity #electronics

eMMC Firmware Extraction - Hacking an AI Toy Robot

YouTube
TechNaduMar 21

AI-driven exploitation is here 🚨
38 vulns, 16 critical β€” found in hours
Consumer robots β†’ full control + data leaks + safety risks
IoT security gap is widening fast

Source: https://quasa.io/media/ai-agents-hack-consumer-robots-a-wake-up-call-for-cybersecurity-in-the-robotics-era

Are we ready for AI attackers? πŸ‘‡
Follow TechNadu

#Infosec #AI #IoTSecurity

Offensive SequenceMar 20
⚠️ CVE-2026-4478 (CRITICAL, CVSS 9.2) hits Yi Home Camera 2 (2.1.1_20171024151200): Improper signature verification in HTTP firmware update handler. Public exploit, no vendor response. Monitor & segment affected devices. https://radar.offseq.com/threat/cve-2026-4478-improper-verification-of-cryptograph-dd0fa87f #OffSeq #IoTSecurity #Vuln
HackerWorkspaceMar 18

This Chatbot Can Now SEE and DRAW β€” Pi 5 + LLM8850 Offline AI

https://www.youtube.com/watch?v=nhXfJC4qamw

#privacy #aisecurity #iotsecurity

This Chatbot Can Now SEE and DRAW β€” Pi 5 + LLM8850 Offline AI

YouTube
HackerWorkspaceMar 18

Is This the Budget Flipper Zero? HaleHound Firmware

https://www.youtube.com/watch?v=dxMmR-jEEbU

#cybersecurity #vulnerability #iotsecurity

Is This the Budget Flipper Zero? HaleHound Firmware

YouTube
HackerWorkspaceMar 18

Meta Ray-Ban BLE Detection and Spoofing

https://www.youtube.com/watch?v=Z-Eov3_8kws

#cybersecurity #iotsecurity #penetrationtesting

Meta Ray-Ban BLE Detection and Spoofing

YouTube
Offensive SequenceMar 18
⚠️ CRITICAL: Edimax GS-5008PL (≀1.00.54) has an auth bypass flaw (CVE-2026-32841). Attackers can gain admin access with no creds after any login. Isolate devices, restrict access, monitor logs β€” patch ASAP when available. https://radar.offseq.com/threat/cve-2026-32841-cwe-1108-excessive-reliance-on-glob-a4b3dee3 #OffSeq #CVE202632841 #IoTSecurity