The Worst Hacks of 2025

From university breaches to cyberattacks that shut down whole supply chains, these were the worst cybersecurity incidents of the year.

The New Surveillance State Is You

Privacy may be dead, but civilians are turning conventional wisdom on its head by surveilling the cops as much as the cops surveil them.

The Most Dangerous People on the Internet in 2025

From Donald Trump to DOGE to Chinese hackers, this year the internet's chaos caused outsized real-world harm.

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft. The activity, which involved uploading 27 npm packages from six different npm aliases, has primarily targeted sales and commercial personnel at critical

Europe's cloud challenge: Building an Airbus for the digital age

Countries that banded together to challenge Boeing in the air try to do the same to AWS, Microsoft, and Google on the ground

Feature More than half a century ago, a consortium of European aerospace businesses from the UK, France, Germany and Spain joined forces to take on America's Boeing. Fast forward to the 21st century and the countries are applying the same model needs to the world of cloud computing, giving the continent a fighting chance to reduce the digital domination of Big Tech.…

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed. "A flaw

Static scans vs runtime reality

submitted by /u/SaadMalik12
[link] [comments]

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed unauthorized extraction of user data from AI memory. The result: 23.77 million secrets were leaked through AI

Accused data thief threw MacBook into a river to destroy evidence

Former staffer of Korean e-tailer Coupang accessed 33 million records but may have done less damage than feared

Korean e-tailer Coupang claims a former employee has admitted to improperly accessing data describing 33 million of its customers, but says the accused deleted the stolen data.…

Death, torture, and amputation: How cybercrime shook the world in 2025

The human harms of cyberattacks piled up this year, and violence expected to increase

The knock-on, and often unintentional, impacts of a cyberattack are so rarely discussed. As an industry, the focus is almost always placed on the economic damage: the ransom payment; the cost of business downtime; and goodness, don't forget those poor shareholders.…

Weekly Update 484

I think the start of this week's video really nailed it for the techies amongst us: shit doesn't work, you change something random and now shit works and yu have no idea why 🤷‍♂️ Such was my audio this week and apoligise to those of you watching the video below for the first few mins (although I managed to clean up the audio-only podcast version). Ironically, doing things non-standard at home was intended to iron out the creases before the impending travel so... a week from now when I do this with Scott Helme from Duabi it'll all be fine! Let's see 🤞

References

1. Sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing

Identity misuse that looks completely normal

submitted by /u/Additional_Bar8316
[link] [comments]

[KIS-2025-14] PKP-WAL <= 3.5.0-1 Login Cross-Site Request Forgery Vulnerability

Posted by Egidio Romano on Dec 27

-----------------------------------------------------------------
PKP-WAL <= 3.5.0-1 Login Cross-Site Request Forgery Vulnerability
-----------------------------------------------------------------

[-] Software Links:

https://pkp.sfu.ca
https://github.com/pkp/pkp-lib

[-] Affected Versions:

Version 3.3.0-21 and prior versions.
Version 3.4.0-9 and prior versions.
Version 3.5.0-1 and prior versions.

[-] Vulnerability Description:

Open...

[KIS-2025-13] PKP-WAL <= 3.5.0-3 (X-Forwarded-Host) LESS Code Injection Vulnerability

Posted by Egidio Romano on Dec 27

-----------------------------------------------------------------------
PKP-WAL <= 3.5.0-3 (X-Forwarded-Host) LESS Code Injection Vulnerability
-----------------------------------------------------------------------

[-] Software Links:

https://pkp.sfu.ca
https://github.com/pkp/pkp-lib

[-] Affected Versions:

PKP Web Application Library (aka PKP-WAL or pkp-lib) version 3.4.0-10
and prior versions, and version 3.5.0-3 and prior versions, as...

[KIS-2025-12] PKP-WAL <= 3.5.0-1 (baseColour) LESS Code Injection Vulnerability

Posted by Egidio Romano on Dec 27

-----------------------------------------------------------------
PKP-WAL <= 3.5.0-1 (baseColour) LESS Code Injection Vulnerability
-----------------------------------------------------------------

[-] Software Links:

https://pkp.sfu.ca
https://github.com/pkp/pkp-lib

[-] Affected Versions:

PKP Web Application Library (aka PKP-WAL or pkp-lib) version 3.4.0-9
and prior versions, and version 3.5.0-1 and prior versions, as used in
Open Journal...

[KIS-2025-11] Open Journal Systems <= 3.5.0-1 (NativeXmlIssueGalleyFilter.php) Path Traversal Vulnerability

Posted by Egidio Romano on Dec 27

---------------------------------------------------------------------------------------------
Open Journal Systems <= 3.5.0-1 (NativeXmlIssueGalleyFilter.php) Path
Traversal Vulnerability
---------------------------------------------------------------------------------------------

[-] Software Links:

https://pkp.sfu.ca/software/ojs/
https://github.com/pkp/ojs

[-] Affected Versions:

Version 3.3.0-21 and prior versions.
Version 3.4.0-9 and...

[KIS-2025-10] PKP-WAL <= 3.5.0-1 (Institution Collector) SQL Injection Vulnerability

Posted by Egidio Romano on Dec 27

----------------------------------------------------------------------
PKP-WAL <= 3.5.0-1 (Institution Collector) SQL Injection Vulnerability
----------------------------------------------------------------------

[-] Software Links:

https://pkp.sfu.ca
https://github.com/pkp/pkp-lib

[-] Affected Versions:

PKP Web Application Library (aka PKP-WAL or pkp-lib) version 3.4.0-9
and prior versions, and version 3.5.0-1 and prior versions, as used...

Backdoor.Win32.Poison.jh / Insecure Permissions

Posted by malvuln on Dec 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2025
Original source:
https://malvuln.com/advisory/3d9821cbe836572410b3c5485a7f76ca.txt
Malvuln Intelligence Feed: https://intel.malvuln.com/
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Poison.jh
Vulnerability: Insecure Permissions
Description: The malware creates the directory 28463 under
C:\Windows\SysWOW64, granting Full (F) permissions to the Everyone...

Backdoor.Win32.Netbus.170 / Insecure Credential Storage / MVID-2025-0703

Posted by malvuln on Dec 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2025
Original source:
https://malvuln.com/advisory/086f0693f81f6d40460c215717349a1f.txt
Malvuln Intelligence Feed: https://intel.malvuln.com/
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Netbus.170
Vulnerability: Insecure Credential Storage
Family: Netbus
Type: PE32
Attack-pattern TTP: Unsecured Credentials (T1552)
MD5: 086f0693f81f6d40460c215717349a1f...

Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks

submitted by /u/AlmondOffSec
[link] [comments]

Implicit execution authority is the real failure mode behind prompt injection

submitted by /u/anima-core
[link] [comments]

Early warning signs of runtime compromise

submitted by /u/AviMitz_
[link] [comments]

Mongobleed - CVE-2025-14847

submitted by /u/depierre
[link] [comments]

Why runtime attacks stay quiet for so long

submitted by /u/OKAMI_TAMA
[link] [comments]

The US Must Stop Underestimating Drone Warfare

The future of conflict is cheap, rapidly manufactured, and tough to defend against.

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), has been described as a case of improper handling of length parameter inconsistency, which arises when a program fails to appropriately tackle scenarios where a length field is inconsistent with the

First verified SHA-256 second-preimage collision: Structural analysis of the W-schedule vulnerability

submitted by /u/No_Arachnid_5563
[link] [comments]

From AI to analog, cybersecurity tabletop exercises look a little different this year

Practice makes perfect

It's the most wonderful time of the year … for corporate security bosses to run tabletop exercises, simulating a hypothetical cyberattack or other emergency, running through incident processes, and practicing responses to ensure preparedness if when a digital disaster occurs.…

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that led to the loss of approximately $7 million. The issue, the multi‑chain, non‑custodial cryptocurrency wallet service said, impacts version 2.68. The extension has about one million users, according to the Chrome Web Store listing. Users are advised to

From video games to cyber defense: If you don't think like a hacker, you won't win

In supercharged AI race, defenders need to keep up

interview According to Remedio CEO Tal Kollender, the only way to beat the bad guys hacking into corporate networks is to "think like a hacker," and because not everyone is a teenage hacker turned cybersecurity startup chief executive, she built an AI to do this.…

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System (DNS) requests to deliver its signature MgBot backdoor in attacks targeting victims in Türkiye, China, and India. The activity, Kaspersky said, was observed between November 2022 and November 2024. It has been linked to a

8 ways to get more iPhone storage today - and most are free

Running out of iPhone space? Don't panic-buy a new phone or more iCloud+. Here's how to free up space fast.

Oura Ring 3 vs Oura Ring 4: I've tested both smart rings, and the winner is not so obvious

The Oura Ring 4 is one of the best products I've tested; however, it's also quite expensive. Here's how to decide between the newest model and its predecessor.

The best 98-inch TVs of 2025: Cinema-sized and expert tested

A 98-inch TV can help create a truly cinema-like experience in the comfort of your own home. We've tested the best from brands like Hisense, TCL, and Sony.

LangGrinch: A Bug in the Library, A Lesson for the Architecture

submitted by /u/hfti
[link] [comments]

How do you handle daily news fatigue? Looking for feedback on a curation project.

submitted by /u/Big-Engineering-9365
[link] [comments]

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection. LangChain Core (i.e., langchain-core) is a core Python package that's part of the LangChain ecosystem, providing the core interfaces and model-agnostic abstractions for building

How AI could close the education inequality gap - or widen it

As schools and universities take varying stances on AI, some teachers believe the tech can democratize tutoring. Here's how - and where the drawbacks lie.

How To Tell If Your Smart TV Spying on You

From their original design as simple broadcast receivers, today’s televisions have evolved into powerful, internet-connected entertainment hubs. Combining traditional viewing with online capabilities, smart TVs provide instant access to streaming platforms, web browsing, voice assistants, and personalized recommendations. 

As our TVs have grown smarter, however, they’ve also become gateways to new privacy and security challenges. In a chilling echo of George Orwell’s dystopian novel 1984, it’s possible that Big Brother, or in this case, Big Hacker, might be surveilling you through your own television.

In 2013, evidence emerged that smart TVs can be just as vulnerable to hacking as home computers, following an investigation by security analysts Aaron Grattafiori and Josh Yavor at iSEC Partners. Working with smart TV manufacturers to address potential vulnerabilities, the analysts presented their findings at the Black Hat network security conference in Las Vegas. Their demonstration highlighted the concerning possibility of smart TVs not only physically surveilling you through the built-in camera but also prying deeper into your personal life by collecting data on your web searches, app usage, and preferences.

Smart TV hacking entry points

Smart TVs can be hacked in several ways, but the gateway that opens your smart TV to these attacks is the IP address, which links with internet-driven apps such as Facebook and YouTube, as well as video streaming services, microphones, and even internal cameras. Because smart TVs often run the same code as computers and smartphones, such as JavaScript or HTML5, they are also susceptible to malware and spyware attacks. These are some of the ways your device can be hacked:

• Outdated firmware: When you don’t regularly update your TV’s software, you leave known security holes wide open for cybercriminals to enter. These updates often include security patches, but many users ignore update notifications.
• Unsecure downloads or sideloads: When you download apps from unofficial sources or use older apps with poor security, you invite malware into your living room. Additionally, weak Wi-Fi settings at home create an opening for hackers to access not just your TV but your entire network.
• Weak login habits: Using the may include background services you are unaware of, which allow criminals to access your smart TV once they’ve compromised your other accounts. Smart TVs could even have background services you might not know about, creating additional attack points.
• Compromised physical connections: Infected HDMI devices or USB drives could introduce malware into your system. Once hackers gain access to your smart TV, they can use it to move through your home network and other connected devices.

Spying beyond physical surveillance

Once a hacker has compromised your smart TV, they can spy on you through several built-in technologies that collect data on your viewing habits, conversations, and online activities.

• Automatic Content Recognition (ACR): This is a common spying method that analyzes audio or video snippets from your content. It then packages and sells this data to advertisers, who use it to create profiles of your entertainment preferences for customized advertising. 
• Voice assistants and listening microphones: Many smart TVs include voice control features that activate when you say specific wake words. These microphones can capture private conversations, even when the TV is “off” and on standby mode. This data could be processed by third-party voice recognition services, creating potential eavesdropping risks.
• Built-in or plug-in cameras: These enable video calling and gesture control features, but they also create opportunities for unauthorized surveillance and privacy vulnerabilities. Smart TVs with cameras could be accessed by hackers or malicious software.
• App-level tracking and advertising IDs: Similar to smartphone apps, smart TV apps also collect data on your usage and preferences through unique advertising identifiers, which build comprehensive profiles for targeted marketing. Your Netflix viewing habits might influence ads you see on YouTube or other platforms.
• Data sharing with third parties: TV manufacturers often share collected data with advertising networks, content providers, and data brokers to create extensive digital profiles. This information can include viewing schedules, app usage, voice recordings, and even household demographic insights.
• Privacy settings: Most smart TVs offer settings to disable ACR, limit voice recording, and opt out of personalized advertising. Look for “Privacy,” “Viewing Data,” or “Interest-Based Advertising” options in your TV’s settings menu. However, these settings may reset after software updates.
• Network behaviors: Your smart TV communicates with various servers, sending viewing data, software telemetry, and usage statistics even when you’re not actively using smart features. Router logs often show smart TVs making hundreds of network connections per day to advertising and analytics services.

The key to managing these privacy risks is understanding what data your TV collects and taking control through privacy settings, network restrictions, and informed usage decisions. 

Types of data that smart TVs collect

• Viewing history, content preferences, and navigation patterns: Your smart TV tracks what shows, movies, and channels you watch, how long you view them, and when you pause or skip content. This data helps TV manufacturers and streaming app providers understand your entertainment preferences and suggest personalized content.
• Device identifiers and technical data: Your TV collects unique device identifiers, IP addresses, Wi-Fi network information, and technical specifications. In turn, manufacturers use this data for device management, software updates, and to link your viewing activity across different sessions and devices.
• Advertising IDs and marketing data: Smart TVs generate unique advertising identifiers that track your activity for targeted advertising. Third-party advertisers and data brokers use these IDs to build detailed profiles for marketing campaigns and to measure ad effectiveness across different platforms.
• Voice recordings and search queries: Your voice commands or searches are recorded and processed by the manufacturer’s servers or third-party speech-recognition services to improve voice-recognition accuracy and deliver search results.
• Geolocation and network information: Your smart TV can determine your approximate location through your IP address and Wi-Fi network details. This geographic data helps content providers offer region-specific programming and advertising.
• Diagnostic and performance data: Smart TVs collect technical performance metrics, error logs, and usage statistics to help manufacturers and software partners identify issues, improve software performance, and develop new features. 

Take control of your data

Your smart TV data typically flows to multiple parties. It starts with the device manufacturer for product improvements, then to streaming app providers for content recommendations, on to advertising networks for targeted marketing, and analytics companies for usage insights. Recent regulatory guidance emphasizes that you should have clear visibility into these data-sharing relationships through your TV’s privacy policy.

You can limit data collection by disabling Automatic Content Recognition (ACR) in your TV’s privacy settings, turning off personalized advertising, and regularly reviewing app permissions. Consumer protection agencies require smart TV manufacturers to provide opt-out mechanisms for advertising personalization and data sharing with third parties.

Stop the spying

Fortunately, you can significantly reduce your smart TV risks with some simple preventive measures:

1. Check your TV’s privacy and ACR settings: Navigate to your smart TV’s settings menu and look for privacy, data collection, or “Automatic Content Recognition” (ACR) options, and disable or limit that function to prevent the tracking of your viewing behaviors and preferences. 
2. Review consent prompts after software updates. When you see pop-ups asking for consent to new terms, take a moment to read what you’re agreeing to. You can often decline optional data sharing while keeping essential functionality. 
3. Monitor your ad personalization settings: Look for advertising or marketing preferences in your settings menu, and opt out of personalized advertising to reduce the data collected about your viewing patterns.
4. Audit app permissions and microphone access: Smart TV apps may request access to features such as your microphone, camera, or network information. Review which apps have these permissions. Voice assistants and video calling apps may need microphone access, but streaming apps typically don’t require these sensitive permissions.
5. Monitor network activity: Check your router’s device list to see if your smart TV is unusually chatty with unknown servers. Many modern routers also offer parental controls or privacy features that can limit your TV’s internet access to only essential functions.
6. Perform security audits on major platforms: Roku, Samsung Tizen, LG webOS, and Android TV each offer basic privacy controls in their main settings. Look for “Privacy,” “Ads,” “Data Collection,” or “Viewing Information” to take control regardless of your TV model.
7. Check for physical indicators and hardware controls: Many newer smart TV models don’t include cameras, but if yours does, you’ll often find a physical privacy shutter or the ability to disable it in settings. For voice features, look for microphone mute buttons on your remote or TV itself.
8. Stay updated: Ensure your apps are updated regularly to maintain the security of your TV and its apps. The digital world is full of bugs waiting for a chance to invade your device, so don’t let outdated apps provide them the perfect entry point. 
9. Use social media sparingly: Social media sites are notorious hunting grounds for identity thieves. Restrict the use of these apps to your computer, smartphone, or tablet, and ensure they have comprehensive security protection to guard your devices, identity, and data.

Standby versus fully off

Most smart TVs don’t fully turn off when you press the power button; they enter standby mode to enable quick startup. In this state, certain components may remain active and continue collecting data. It might maintain network connectivity to receive software updates, keep microphones and voice assistants ready to respond to wake words, or continue ACR that tracks your viewing habits.

To truly disconnect your TV from potential monitoring, you have several options:

1. Look for a physical mute switch on your remote or TV for the microphone. This provides a hardware-level disconnect that software can’t override.
2. You can unplug your TV entirely when not in use or connect it to a power strip that you can easily switch off to cut all power.
3. For a more permanent solution, dive into your TV’s privacy settings to disable ACR tracking, turn off voice activation features, and restrict background data collection. 
4. You can also disconnect your TV from Wi-Fi entirely if you primarily use external streaming devices, which gives you more control over what data gets shared.

FAQs about Smart TVs

Do all smart TVs have cameras?

It depends on your specific smart TV model and its manufacturing date. Most modern smart TVs manufactured after 2022 do not include built-in cameras. Major manufacturers such as Samsung, LG, Sony, and TCL have largely moved away from integrating cameras directly into their television sets due to privacy concerns and limited consumer adoption. 

Some premium models and older smart TVs from 2018-2021 may still feature built-in cameras designed typically used for:

• Video calling: Apps such as Zoom or Google Meet allow you to make calls from your TV
• Gesture control: Hand movements enable you to navigate menus and control functions 
• Facial recognition: Based on who is watching, smart TVs can personalize content recommendations
• Voice assistant integration: Some cameras work with microphones to enhance smart assistant features

If your smart TV does have a camera, you still have control, as most smart TVs with cameras include physical privacy shutters, software controls to disable the camera, or the option to cover the lens. For external USB cameras, simply unplugging it ensures that no one can see you through the smart TV.

How do I know if my smart TV has a camera?

To determine if your smart TV has a camera, check the following:

1. The physical TV: Check the top, bottom, and side edges of your TV screen for a small circular lens, typically about the size of a coin. Built-in cameras are typically small lenses located on the top bezel or may retract into the frame. 
2. Quick detection test: In a dimly lit room, shine a flashlight across your TV’s bezel while looking for reflective surfaces. Camera lenses will reflect light differently than the surrounding plastic, appearing as small, glassy circles that catch and reflect the light beam.
3. Camera shutter or privacy cover: TVs with built-in cameras often include a sliding privacy shutter or removable cover. Look for a small plastic piece that can slide over the camera lens area, or a hinged cover that flips up and down.
4. User manual: Your manual will clearly list the camera functionality if it is present. You can also find detailed specs on the product packaging. Look for terms such as “built-in camera,” “video calling,” or “gesture control” in the feature list.
5. Manufacturer’s website: Visit your TV manufacturer’s official support page and enter your exact model number. The detailed product specifications should confirm whether your model includes camera hardware.
6. Camera-related settings: Go to your smart TV’s main settings menu and look for sections labeled “Camera,” “Privacy,” “Microphone,” or “Gesture Control.” If these options exist, your TV likely has camera capability. Many TV models from 2023 include dedicated privacy toggles that let you fully disable camera functions.

If you discover your smart TV has a camera, you can take control of your privacy by disabling it in your TV’s settings, covering it with tape when not in use, or using any built-in privacy shutters.

How can I disable or manage my smart TV camera?

Aside from the precautions listed above, there are other ways you can disable your smart TV’s camera:

• Privacy settings: Navigate to your smart TV’s Settings menu, then look for “Privacy,” “Security,” or “Camera” options. Most modern TVs group these controls together to limit the data your device collects and shares.
• Specific apps: Review which apps have camera permissions by going to Settings > Apps > [App Name] > Permissions. Turn off camera access for apps that don’t need it, like streaming services or games. Video calling apps will need camera access to function properly.
• Gesture and voice control: Disable motion-sensing and voice-recognition features in your TV’s accessibility or interaction settings, as these features often require the camera and microphone to be active.
• System update resets: Smart TV updates can sometimes reset your privacy settings to defaults. After each update, take a few minutes to verify your camera and microphone settings remain off as you configured them.
• Network-level protection: For tech-savvy users, consider setting up router-level controls to monitor or restrict your smart TV’s internet connections. Some routers allow you to block specific domains or limit device communication, adding another layer of control over what data your TV can share.
• Automatic security updates: Keep your smart TV’s firmware up to date by enabling automatic updates. Manufacturers regularly release security patches that address vulnerabilities to protect you from potential threats.
• Dedicated guest network: Consider connecting your smart TV to a separate Wi-Fi network from your main devices. This limits potential access to other connected devices in your home if your TV’s security is ever compromised.

Final thoughts

If the thought of your living room turning into a hacker’s surveillance paradise sends a chill down your spine, you’re not alone. Fortunately, you can take some protective measures that keep your smart TV safe.

One of the best ways to protect yourself is to stay informed about the latest developments in smart TV security. Attend webinars, read articles, and follow experts in the field to stay current with the latest security threats and fixes. 

Just as importantly, small but effective digital habits will also fortify your smart TV security: keep your TV’s firmware updated, stick to official app stores, secure your home Wi-Fi with strong encryption, use unique passwords for your devices, limit the use of social media and messaging apps on your TV, and be cautious about what you plug into your TV’s ports. 

By following these recommendations, you can continue to relax in your living room and enjoy your digital entertainment experience without compromising your privacy and security.

The post How To Tell If Your Smart TV Spying on You appeared first on McAfee Blog.

What Are the Risks of Clicking on Malicious Links?

A simple click of a link can’t cause any trouble, right? Wrong.

It doesn’t matter if you quickly close out of a window. It doesn’t matter if you only take a quick peek and don’t touch anything else while you’re on a risky webpage. Often, just clicking on a single link can compromise your device, online privacy, and even your personal information. The mere action of clicking a suspicious link could expose you to malware, scams, or identity theft.

Here’s everything you need to know to recognize, steer clear of, and take the proper action in case you accidentally click on a questionable link.

Consequences of clicking on a risky link

A risky link is any hyperlink that redirects you to an unexpected and possibly compromised webpage. Often, these webpages trick visitors into divulging personal information or automatically download malicious payloads (viruses, malware, spyware, etc.) onto your device. 

Email remains the most frequent delivery method, with phishing messages designed to look like urgent notifications from trusted companies. A variation of this is SMS phishing or “smishing,” where attackers send sketchy links through text messages claiming package delivery issues. Another common method involves sending malicious links via direct messages on social media, where compromised accounts target their contact lists. According to the Federal Trade Commission (FTC), $70 million was lost to phishing and spoofing in 2024. 

Hackers could also use your browser to deliver their criminal work. In drive-by downloads, for instance, simply visiting a compromised webpage can automatically install malware on your device without any additional action from you. Outdated browsers and plugins are another entry point for cybercriminals to gain unauthorized access to your system. 

A bad link might also direct you to a fake login page that looks identical to a legitimate site, such as your bank. Any information you enter on these fraudulent pages goes directly to scammers, who can then access your real accounts.

Meanwhile, mobile malware is a vast category of malicious software that often makes its way onto devices through infected links. Malware can spy on you, monitor your keystrokes, infect your device with a botnet, and ultimately compromise your device and the information it stores.

Risk factors as entry points 

As threat actors continuously adapt their tactics to circumvent security solutions, one critical factor that determines your risk level is your device’s security posture. A device with updated software, a modern browser, active antivirus protection, and restricted permissions is far less likely to be compromised by a malicious site or download. Conversely, outdated systems, unpatched vulnerabilities, or disabled security features create easy openings for attackers to exploit. 

Another risk factor is the rhythm or pace at which you operate your devices. As artificial intelligence tools are increasingly helping scammers and phishers disguise their malicious links to look more believable, you will need to slow down, control the impulse to click, and take a minute to intentionally look at what you are doing. If you read quickly, you could accidentally click a malicious link and fall for a scam.

Check before you click

Even the most convincing messages can hide dangerous links. Before you click on anything, it’s worth taking a few seconds to verify where that link actually leads. These quick checks can help you spot red flags and avoid landing on malicious or fraudulent websites designed to steal your information.

• Be skeptical: It seems pessimistic, but reserve a bit of skepticism for every incredible deal, unbelievable discount, or free download you encounter online. Just because an email advertises on Facebook doesn’t mean it’s a legitimate organization. Its real business might not be selling t-shirts but phishing for personal information. Scammers often hide their malicious links behind clickbait.
• Look before you click: On your desktop, hover over any link to see the destination URL appear at the bottom of your browser window or in a tooltip. On mobile, press and hold your finger over the link for a few seconds to preview where it leads. Look for misspellings in domain names, suspicious characters, or URLs that don’t match what you’d expect from the sender.
• Pay attention to prompts: When a website requests your approval to download files, access your camera, or run scripts, pay careful attention. Legitimate sites rarely need extensive permissions for basic browsing, so unusual permission requests should raise immediate red flags.
• Verify website security indicators: Check that the site uses HTTPS, viewable through a lock icon in your browser’s address bar. Be especially cautious with shortened links such as bit.ly or tinyurl.com. Expand them first using preview tools or browser extensions that show the full destination before clicking.
• Use URL inspection tools: When you’re unsure about a link, copy and paste it into reputable URL checking services that scan for malicious content. Many browsers have built-in safe browsing warnings that alert you to potentially dangerous sites.
• Analyze the context and sender: Consider the sender and whether the message feels urgent or too good to be true. Scammers often create artificial urgency with phrases such as “act now” or “limited time.” If the sender is someone you know, verify through a different channel that they actually sent it.
• For sensitive activities, go directly to official sites: Open a new browser tab and type the website address yourself to avoid convincing-looking fake sites designed to steal your credentials. Never click links in emails or messages for banking, shopping, or other sensitive activities.
• Trust your instincts: If something feels off about a message or a link, take a moment to think and investigate. A few seconds of caution can prevent hours of cleanup and millions of dollars in recovery.

So you clicked. What next?

If you’ve accidentally clicked a phishing link, don’t panic, but do act fast. Quick, calm steps can make all the difference in preventing further damage. Here’s what to do right away to secure your device, accounts, and personal information.

1. Disconnect from the internet immediately: If you’re on Wi-Fi, turn off your wireless connection or unplug your ethernet cable. This prevents malicious software from communicating with remote servers or downloading cyber threats onto your device.
2. Do not enter any personal information: If the bad link directed you to a login page or form requesting credentials, close the browser tab immediately. Never input passwords, Social Security numbers, banking details, or other sensitive data on pages you’ve reached through suspicious links.
3. Run a comprehensive security scan: Perform a full system scan using your antivirus software to detect and remove any malware that may have been downloaded when you clicked the link. Allow the scan to complete entirely, even if it takes several hours.
4. Change your passwords immediately: From another uncompromised device, revise your login credentials. Start with your most critical accounts, email, banking, and financial services, followed by social media, work accounts, and shopping sites. Use strong, unique passwords for each account to prevent credential stuffing attacks.
5. Enable multi-factor authentication (MFA): Strengthen the security of your accounts by enabling MFA wherever possible to reduce the risk of unauthorized access, even if criminals have obtained your login credentials through a phishing attempt.
6. Review your account activity: Check recent login attempts, transaction histories, and account settings across all your important accounts. Look for unauthorized changes, unfamiliar devices, or suspicious activity that occurred around the time you clicked the link.
7. Review and revoke access for suspicious apps: Review and remove any unfamiliar applications or browser extensions that have access to your accounts. Phishing attacks sometimes attempt to install malicious browser extensions or authorize fraudulent apps.
8. Clear your browser data: Delete your browsing history, cookies, and cached files to remove any potentially malicious code or tracking cookies that could compromise your future browsing sessions.
9. Report the phishing attempt: Forward suspicious emails to your email provider’s spam team and report the incident to the FTC. If you received the link via text, report it to your mobile carrier. These steps protect others from falling victim to the scheme.
10. Consider credit monitoring and identity protection: If you suspect your personally identifiable information was compromised, place a fraud alert on your credit reports and consider freezing your credit. Monitor your financial statements closely for unauthorized transactions and unusual activity in the weeks following the incident.

Get support from the right tools

Even with your strong digital habits and awareness, it’s easy for something to slip through the cracks. With the right technology that catches potential threats before they reach you, you can browse, message, and shop online without worry.

McAfee’s Scam Detector proactively alerts you and automatically protects you the moment it detects a scam link in your texts, emails, or on social media. If you accidentally click on a scam link, the app will block the malicious webpage from loading. The more you use this artificial intelligence-powered tool, the smarter it becomes. 

Final thoughts

Protecting yourself from those risky phishing links doesn’t require becoming a security expert. It only takes simple habits to dramatically reduce these threats. Take a moment to be intentional and alert, and make informed choices about the links you encounter. 

By taking time to verify URLs, staying reasonably skeptical, enabling automatic updates, trusting your instincts, and relying on trusted security tools for safe browsing and scam detection, you can create powerful barriers against cybercriminals.

Whether you’re browsing social media, checking emails, or exploring new websites, that brief pause to assess whether a link looks legitimate can be the difference between safety and falling victim to sketchy links and credential theft. Share these simple safety practices with your family members, especially those who might be less familiar with online threats, because collective awareness makes everyone safer.

The post What Are the Risks of Clicking on Malicious Links? appeared first on McAfee Blog.

[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection

WordPress Quiz Maker 6.7.0.56 - SQL Injection

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use. This week’s findings show a pattern: precision, patience, and persuasion. The

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs. The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors in the activity, with one of the

CSRF Protection without Tokens or Hidden Form Fields

submitted by /u/AlmondOffSec
[link] [comments]

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second factor of authentication if the

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code

WebSocket RCE in the CurseForge Launcher

submitted by /u/elliott-diy
[link] [comments]

Why I prefer this $200 Motorola phone over Samsung and Google's budget models

The 2026 Moto G sticks to last year's tried and trusted formula, offering a decent midrange experience.

Pen testers accused of 'blackmail' after reporting Eurostar chatbot flaws

AI goes off the rails … because of shoddy guardrails

Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could allow an attacker to inject malicious HTML content or trick the bot into leaking system prompts. Their thank you from the company: being accused of "blackmail."…

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that's delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple's Gatekeeper checks. "Unlike earlier MacSync Stealer variants that primarily rely on drag-to-terminal or ClickFix-style techniques, this sample adopts a more

I was jealous of MacOS 26 users, until I realized Windows PCs already had these 4 features

Apple's latest MacOS 26 has a slew of useful features - but a few of them appeared on Windows first, including one that dates back decades.

My AirTags kept dying, so I switched to this tracker that lasts for five years

An AirTag battery failure at the wrong time can leave your gear vulnerable. Elevation Lab's Time Capsule solves this problem.

Ubuntu's new opt-in, open-source telemetry is a win-win for Linux users - here's why

The collection of user data has become a contentious issue for people worldwide. Fortunately, Canonical has shown how it can be done right.

US shuts down phisherfolk’s $14.6M password-hoarding platform

Crooks used platform to scoop up and store banking credentials for big-money thefts

The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…

I tried the viral Fairphone 6, and it's one feature away from replacing my Pixel

If you're tired of phones designed for planned obsolescence, Fairphone might be your next favorite mobile device.

certgrep: a free CT search engine

submitted by /u/JDBHub
[link] [comments]

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity company said it blocked over 64,000 unique URLs associated with the threat this year. A majority of the detections originated from

Technical Deep Dive: How Early-Boot DMA Attacks are bypassing IOMMU on modern UEFI systems

submitted by /u/Imaginary-Ad-8278
[link] [comments]