OffSequence10h ago
🔥 CRITICAL: CVE-2026-42854 in arduino-esp32 (<3.3.8) enables stack buffer overflow via HTTP multipart boundary — can crash device or allow RCE. Patch ASAP by upgrading to 3.3.8! https://radar.offseq.com/threat/cve-2026-42854-cwe-121-stack-based-buffer-overflow-caa5555e #OffSeq #CVE202642854 #IoTSecurity #Espressif
HackerWorkspace17h ago

Defending consumer web properties against modern DDoS attacks | Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2026/05/12/defending-consumer-web-properties-against-modern-ddos-attacks/

Read on HackerWorkspace: https://hackerworkspace.com/article/defending-consumer-web-properties-against-modern-ddos-attacks-microsoft-security-blog

#cybersecurity #threatintelligence #iotsecurity

Defending consumer web properties against modern DDoS attacks | Microsoft Security Blog

Learn how to protect consumer websites and defend against modern DDoS attacks with layered security, resilient architecture, and graceful service degradation.

Microsoft Security Blog
CyberNetsecIO5d ago

📰 Mirai Variant 'xlabs_v1' Builds DDoS Botnet by Hijacking IoT Devices with Exposed ADB Ports

🚨 New Mirai-based botnet 'xlabs_v1' hijacks IoT devices & Android TVs via exposed ADB ports (TCP/5555). The botnet is used for DDoS-for-hire services, targeting Minecraft servers. #Mirai #Botnet #DDoS #IoTSecurity

🔗 https://cyber.netsecops.io

HackerWorkspace6d ago

LABScon25 Replay | Connect to the Foreign Entity to Enhance Your User Experience | FitzPatrick

https://www.youtube.com/watch?v=rrgUND-uVAw

#cybersecurity #privacy #iotsecurity

LABScon25 Replay | Connect to the Foreign Entity to Enhance Your User Experience | FitzPatrick

YouTube
OffSequenceMay 6
⚠️ CRITICAL: Buffer overflow in D-Link DI-8100 (16.07.26A1) via /url_rule.asp POST handler. Remote, unauthenticated RCE possible. Public exploit available. No official patch yet. Details: https://radar.offseq.com/threat/cve-2026-7854-buffer-overflow-in-d-link-di-8100-87d0fee7 #OffSeq #CVE20267854 #Vuln #IoTSecurity
OffSequenceMay 5
🚨 CVE-2026-41924 (CRITICAL): OS command injection in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauthenticated remote shell command execution. No patch yet — immediate isolation & monitoring advised. https://radar.offseq.com/threat/cve-2026-41924-improper-neutralization-of-special--62b0b2d6 #OffSeq #Vuln #IoTSecurity
OffSequenceMay 5
🛑 CRITICAL: CVE-2026-41925 in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauth OS command injection via reboot_time param. No patch yet — disable remote mgmt or isolate device. https://radar.offseq.com/threat/cve-2026-41925-improper-neutralization-of-special--d33e9e36 #OffSeq #Infosec #IoTSecurity
OffSequenceMay 5
🚨 CVE-2026-41926 (CRITICAL, CVSS 9.3): OS command injection in Shenzhen Yipu WDR201A WiFi Extender allows unauthenticated remote code execution via firewall.cgi. Persistent payloads survive reboots. Restrict access, monitor for fixes. https://radar.offseq.com/threat/cve-2026-41926-improper-neutralization-of-special--58e4d954 #OffSeq #IoTSecurity #CVE
OffSequenceMay 4
🔴 CRITICAL: CVE-2026-7747 in Totolink N300RH (v3.2.4-B20220812) — remote, unauthenticated buffer overflow via /cgi-bin/cstecgi.cgi Password param. Exploit is public; no patch yet. Restrict mgmt access! https://radar.offseq.com/threat/cve-2026-7747-buffer-overflow-in-totolink-n300rh-d88a1f5e #OffSeq #CVE20267747 #IoTSecurity
HackerWorkspaceMay 4

This 'cardputer' sits between the Raspberry Pi and Flipper Zero - but it's uniquely better

https://www.zdnet.com/article/m5stack-cardputer-adv-review/

Read on HackerWorkspace: https://hackerworkspace.com/article/this-cardputer-sits-between-the-raspberry-pi-and-flipper-zero-but-it-s-uniquely-better

#cybersecurity #exploit #iotsecurity

This portable computer is the Raspberry Pi alternative I didn't know I needed

The M5Stack Cardputer Adv is a self-contained pocket computer packed with promise.

ZDNET