firmware update Archives • Page 2 of 3 • Daily CyberSecurity

Rooted via Wi-Fi 7: TP-Link Patches Command Injection in Archer BE230

Rooted via Wi-Fi 7: TP-Link Patches Command Injection in Archer BE230

Do Son February 4, 2026

A new security advisory from TP-Link has disclosed multiple authenticated command injection vulnerabilities affecting its Archer BE230 Wi-Fi...

Root via Telnet: Why You Must Patch Your Synology NAS Against This Decade-Old Ghost Synology Chat Server vulnerabilities Synology security update Synology DSM Update NAS Security Vulnerability Synology VPN Update SSL VPN Vulnerability Synology Telnet Flaw DSM Security Update Synology DSM Telnet vulnerability BeeStation Zero-Day, Pwn2Own RCE CVE-2024-11131 & CVE-2024-10442 CVE-2025-2848 Synology, NAS

Root via Telnet: Why You Must Patch Your Synology NAS Against This Decade-Old Ghost

Do Son February 3, 2026

On January 29, 2026, Synology, a preeminent manufacturer of Network Attached Storage (NAS) solutions, disseminated a series...

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points

Do Son February 3, 2026

Hikvision has rolled out a critical firmware update for its line of wireless access points (APs) to...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

9.8 Broadcast Hijack: Critical KiloView Flaw (CVSS 9.8) Grants Full Control

Do Son February 3, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a maximum-severity vulnerability in...

High Router Takeover: High-Severity Command Injection Flaw Hits TP-Link Archer MR600

Do Son January 28, 2026

TP-Link has issued a security advisory for its popular Archer MR600 4G+ LTE router, warning of a...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Critical Hard-Coded Keys and Open Doors: Critical Flaws Found in PrismX AP Controllers

Do Son January 21, 2026

A trio of security vulnerabilities has been discovered in Browan Communications’ PrismX MX100 AP Controller, the most...

8.7 CVE-2026-0629: TP-Link VIGI Flaw Lets Attackers Reset Admin Passwords

Do Son January 21, 2026

A critical security vulnerability has been discovered in TP-Link’s VIGI series surveillance cameras, allowing attackers on a...

Critical WhisperPair: Critical Fast Pair Flaw Exposes Headphones to Hijacking WhisperPair Vulnerability Google Fast Pair Flaw

Critical WhisperPair: Critical Fast Pair Flaw Exposes Headphones to Hijacking

Do Son January 20, 2026

Your high-end Bluetooth headphones might be listening to more than just your music. A new report from...

Critical Canon Critical Alert: 7 New Flaws Expose Printers to Remote Hackers CVE-2024-47406 CVE-2025-1268 Canon Printer Vulnerability CVE-2025-14231

CVE-2024-47406 CVE-2025-1268 Canon Printer Vulnerability CVE-2025-14231

Critical Canon Critical Alert: 7 New Flaws Expose Printers to Remote Hackers

Do Son January 16, 2026

Canon has issued a security advisory for its small office and laser printer lineups, warning of seven...

High HPE Aruba Patches High-Severity DoS and Data Leak Flaws in Instant On Devices HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

High HPE Aruba Patches High-Severity DoS and Data Leak Flaws in Instant On Devices

Do Son January 15, 2026

HPE Networking has released a critical software patch for its popular Instant On series of access points...

MediaTek Kicks Off 2026 with Major Security Overhaul for Mobile Chipsets MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

MediaTek Kicks Off 2026 with Major Security Overhaul for Mobile Chipsets

Do Son January 6, 2026

MediaTek has kicked off the new year with a critical security bulletin, releasing patches for a slew...

9.8 CVE-2025-66848: Critical Flaw in JD Cloud Routers Grants Hackers Root Access

Do Son January 5, 2026

A security vulnerability has been uncovered in a popular line of NAS routers from JD Cloud, potentially...

Critical Hijacked Mobility: CISA Warns of Critical 9.8 Flaw Allowing Remote Control of WHILL Power Chairs WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Critical Hijacked Mobility: CISA Warns of Critical 9.8 Flaw Allowing Remote Control of WHILL Power Chairs

Do Son January 1, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical safety vulnerability in...

Critical “Headphone Jacking”: Critical Flaws in Popular Earbuds Let Hackers Hijack Your Phone

Do Son December 29, 2025

Your Bluetooth headphones might be doing more than just playing your favorite tunes—they could be handing over...

9.3 Critical Patch: NVIDIA DGX Spark Flaw (CVE-2025-33187, CVSS 9.3) Exposes AI Secrets to Takeover NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

9.3 Critical Patch: NVIDIA DGX Spark Flaw (CVE-2025-33187, CVSS 9.3) Exposes AI Secrets to Takeover

Do Son November 26, 2025

NVIDIA has issued an urgent security update for its DGX Spark platform, a compact AI supercomputer designed...

8.7 TP-Link Issues Urgent Patch for KP303 Smart Plug Vulnerability (CVE-2025-8627)

Do Son August 26, 2025

TP-Link has issued a security advisory addressing a high-severity vulnerability (CVE-2025-8627) affecting its KP303 Smart Plug, warning...

Charge Smarter: Surface Pro 11 and Laptop 7 Get a Crucial Battery Feature Surface, Smart Charging Copilot+ PC, Windows AI

Charge Smarter: Surface Pro 11 and Laptop 7 Get a Crucial Battery Feature

Do Son August 14, 2025

Microsoft has recently released a firmware update for the Microsoft Surface Pro 11 and Microsoft Surface Laptop...

6.6 TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing! TPM 2.0, Security Vulnerability

6.6 TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

Do Son June 12, 2025

A vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation has been disclosed, potentially allowing attackers...

Critical Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks! ABB Security, EIBPORT Vulnerability

Critical Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!

Do Son June 5, 2025

ABB has issued a Cyber Security Advisory addressing a critical session management vulnerability affecting its EIBPORT V3...

Critical Critical Remote Code Execution Flaw Hits Lexmark Printers

Do Son May 21, 2025

Lexmark has released a security advisory for a critical vulnerability—CVE-2025-1127—affecting a wide range of its printer models....