HackingPassion.com
👻 home posts ethical hacking course newsletter shop whoami github youtube
HackingPassion.com

Security News

105 posts

/kimwolf-botnet-android-tv-boxes-proxy-exploit/featured-image.jpg
Kimwolf Botnet: 2 Million Android TV Boxes Hacked via Proxy App Vulnerability

January 4, 2026

A botnet just fired 1.7 billion DDoS commands in 72 hours. Attack capacity: nearly 30 Terabits per second. 2 million Android TV boxes sitting in living rooms …

/ffmpeg-heap-overflow-ai-vulnerability-hunter/featured-image.jpg
16-Year-Old's AI Finds Heap Buffer Overflow in FFmpeg EXIF Parser

January 3, 2026

A 16-year-old built an AI that mass-hunts memory bugs. It found 6 vulnerabilities in FFmpeg in December. One was a heap buffer overflow in the EXIF parser. The …

/airoha-bluetooth-backdoor-sony-bose-jbl/featured-image.jpg
70 Million Bluetooth Chips Have a Backdoor: Sony, Bose, JBL Headphones at Risk

January 2, 2026

Your headphones just became a backdoor to your phone. No pairing. No popup. Just Bluetooth range. 70 million chips. Sony. Bose. Marshall. JBL. A debug protocol …

/rondodox-botnet-react2shell-exploit-shotgun/featured-image.jpg
RondoDox Botnet: 56 Exploits, Gaming Traffic Disguise, and Self-Defense Against Recovery

January 1, 2026

RondoDox added React2Shell to its arsenal. 90,000+ servers. 56 vulnerabilities. 30+ vendors. They call it the “exploit-shotgun” approach. Fire …

/libsodium-first-cve-13-years-ed25519/featured-image.jpg
libsodium Gets First CVE After 13 Years: The Two-Line Fix

December 31, 2025

The crypto library behind Discord, WordPress, and Zcash just got its first CVE. After 13 years. 😏 libsodium. You’ve probably never heard of it. But …

/wired-hack-idor-vulnerability-subscriber-data/featured-image.jpg
WIRED Magazine Hacked: 2.3 Million Records Leaked via Basic IDOR Vulnerability

December 30, 2025

WIRED magazine got hacked. 2.3 million subscriber records leaked. And this is just the beginning. 😏 A hacker called “Lovely” dumped the database on …

/rainbow-six-siege-hack-ubisoft-backend-breach/featured-image.jpg
Rainbow Six Siege Hacked: $339 Trillion in Fake Credits, Streamers Banned, CEO Mocked

December 29, 2025

You log into your game. Suddenly, you got $13.3 million in your account. 🥳 You didn’t earn it. Neither did 30 million other players. December 27, 2025. …

/mongobleed-mongodb-memory-leak-cve-2025-14847/featured-image.jpg
MongoBleed: 87,000 MongoDB Servers Leaking Memory Like Heartbleed

December 28, 2025

You trust your database to keep your data safe. MongoDB just proved it doesn’t. 87,000 servers are leaking memory to anyone who asks. 😏 December 2025. …

/fortinet-authentication-bypass-cve-2020-12812-cve-2025-59718/featured-image.jpg
Fortinet Authentication Bypass: A 5-Year-Old Bug Returns While a New One Gets Exploited in 3 Days

December 27, 2025

You buy a firewall to protect your network. In one month, two different authentication bypasses are being actively exploited. One is five years old. One is …

/fake-github-exploits-webrat-malware-security-researchers/featured-image.jpg
Fake GitHub Exploits Target Security Researchers: Download a PoC, Get Malware

December 26, 2025

Attackers are targeting security researchers through GitHub. You downloaded a proof-of-concept exploit from GitHub. Professional README. Detailed instructions. …

/macsync-stealer-apple-notarization-bypass/featured-image.jpg
Apple Approved It: MacSync Stealer Bypasses Notarization to Infect Hundreds of Macs

December 25, 2025

Apple’s security team reviewed this app. Approved it. But now it steals your passwords, crypto wallets, and Telegram account. 😳 Hundreds of Macs infected …

/lotusbail-npm-whatsapp-credential-theft/featured-image.jpg
Malicious npm Package Stole WhatsApp Messages for 6 Months: 56,000 Downloads

December 24, 2025

56,000 downloads. 6 months online. A WhatsApp library on npm was stealing credentials, messages, and contacts. Nobody noticed. 🤔 The package is called …

/asus-tplink-authentication-bypass-cve-2025/featured-image.png
Your Router Just Failed: ASUS & TP-Link Critical Vulnerabilities (CVE-2025-59367)

November 16, 2025

Your router protects your home network from the internet. Or it’s supposed to. Two major vendors just proved it doesn’t. 😅 ASUS: CVE-2025-59367 …

/cve-2025-31133-docker-container-escape/featured-image.png
Your Docker container? It just walked right out the front door.

November 13, 2025

Your Docker container? It just walked right out the front door. 😏 Three vulnerabilities just got patched. November 5th. CVE-2025-31133, CVE-2025-52565, …

/cve-2025-62215-windows-kernel-race-condition/featured-image.png
Your Windows Kernel Has a Race Condition Being Exploited Right Now

November 12, 2025

Your Windows Kernel has a race condition. You’ve probably never thought about race conditions. (Most people haven’t. But stick with me…) …