Your router protects your home network from the internet. Or it’s supposed to. Two major vendors just proved it doesn’t. 😅

ASUS: CVE-2025-59367 (CVSS 9.3) TP-Link: CVE-2025-7850 + CVE-2025-7851 (CVSS 9.3 + 8.7)

Both disclosed November 2025. Both critical. Both letting attackers walk right in.

ASUS routers: No password required.

The vulnerability affects ASUS DSL-AC51, DSL-N16, and DSL-AC750 routers. Authentication bypass.

If your router’s management interface is exposed to the internet, an attacker can connect remotely without any credentials. No username. No password. Direct admin access.

Nearly every modern Smart TV has ACR technology. You’ve probably never heard of it. (Most people haven’t. Stick with me…) It’s there. On almost every Smart TV. And it’s tracking everything on your screen.

Not just Netflix. Not just YouTube. EVERYTHING.

→ Playing PlayStation? Tracked. → Watching cable TV? Tracked. → Using Chromecast or Fire Stick? Tracked. → Private security camera footage? Tracked.

If it appears on your screen, your TV is watching it, recording it, and sending that data somewhere else.

Your Docker container? It just walked right out the front door. 😏

Three vulnerabilities just got patched. November 5th. CVE-2025-31133, CVE-2025-52565, CVE-2025-52881.

Docker, Kubernetes, AWS, Google Cloud. All of them.

Here’s what happened:

→ Attackers can break OUT of your container
→ Get root access on your HOST system
→ Bypass every security layer you thought was protecting you

Let me show you how bad this really is.

The Vulnerabilities

CVE-2025-31133 - Replace one file with a fake link. RunC thinks it’s mounting something safe. Instead? You’re writing directly to the system kernel. Container escape. Done.

Your Windows Kernel has a race condition. You’ve probably never thought about race conditions. (Most people haven’t. But stick with me…) It’s there in EVERY Windows version currently supported. And it’s being actively exploited right now. ⚡🎯

CVE-2025-62215. CVSS score 7.0. Confirmed exploitation in the wild.

Here’s what that actually means:

When multiple processes try to access the same kernel resource at the exact same time, there’s a tiny window where things can go wrong. An attacker who already has access to your system can exploit that split-second timing gap to escalate privileges.

Ethical Hacking Complete Course Zero to Expert

When I first successfully hacked a system years ago, I had to step away from my computer. It blew my mind… what was this power I had in my hands? That moment changed everything for me.

No, I didn’t learn this from books. I learned by doing. And that’s exactly how you’ll learn in this course.

Are you ready to push the limits, break down the walls?

DarkWebEye

Welcome to DarkWebEye. Explore the unseen depths of the internet with DarkWebEye, a powerful and intuitive tool crafted by Jolanda de Koff. Designed for ethical hackers, cybersecurity enthusiasts, and researchers, DarkWebEye offers a secure and efficient way to search the dark web through the Ahmia search engine.

Your Gateway to the Hidden Web

DarkWebEye:

Where Curiosity Meets the Hidden - Journey Through the Dark - Seeking Secrets in the Shadows

Introduction

Welcome to DarkWebEye. This tool, crafted by me, Jolanda de Koff, is designed to help you explore the hidden parts of the web safely and efficiently. DarkWebEye uses the Ahmia search engine to provide a streamlined way to find specific content on the dark web. It’s perfect for cybersecurity enthusiasts, ethical hackers, and researchers.

Clear Your Tracks on Linux

In this article and video, I show you how to clear your tracks in Linux. This is very important if you are a penetration tester, an ethical hacker, or a cyber security expert.

Clear Your Tracks The Final Step

It is one of the biggest mistakes an attacker makes to let a track behind.

If you see the biggest attacks in the past years, most of the detection was made really easy from the malware that the black hat hacker(s) have left, which they didn’t clear. Many of the “best hackers” got caught this way.

Hands-On Guide to Wireshark and Tshark: A Deep Dive into Network Analysis

Introduction

Introduction

Wireshark and Tshark: two names that anyone in network analysis, ethical hacking, or cybersecurity will know well. These aren’t just tools; they’re like gateways to understanding the complex web of network communications that underpin our digital world. In this guide, we’re going deep into the heart of these tools, starting with the basic features that make them so valuable and gradually working our way up to the more sophisticated and nuanced aspects of their use.

Before we delve into this critical topic, let me emphasize the gravity of DNS settings in the realm of ethical hacking. Whether you’re a seasoned professional or just starting out, understanding the nuances of DNS settings is pivotal to your career.

In the world of ethical hacking, there are several key factors that can determine your success or failure. However, one aspect that’s often overlooked, even by seasoned professionals, is the Domain Name System (DNS). Before we explore the labyrinthine nuances of hacking, security, and online anonymity, it’s imperative to address the elephant in the room: the critical importance of your DNS settings.

Ethical hacking techniques with SSH: Secure tunnels and data transfers

Introduction

Welcome to this comprehensive guide on Ethical hacking techniques with SSH: Secure tunnels and data transfers. In this easy-to-follow guide, you’ll get the inside scoop on why secure tunnels and data transfers are the unsung heroes of ethical hacking. Plus, you’ll learn how to up your cybersecurity game with the help of Secure Shell (SSH).

Why is Ethical Hacking Important?

Ethical hacking, often termed as ‘white-hat hacking,’ is the practice of intentionally probing systems for security vulnerabilities. The primary purpose is to discover weaknesses from a malicious hacker’s viewpoint to better secure systems.