Hardware

The ACE3 controller, which is an integral component to the management of charging and data transfer tasks in Apple devices, was compromised using reverse-engineering techniques to exploit weaknesses in its firmware and communication protocols.

Ättestupa, Moxa, Typhoons, WordPress, Likert Scales, Algol, Josh Marpet, and more on the Security Weekly News. 0:00 Intro & New Year Welcome 1:10 Zero Trust World 2025 Announcement 1:49 Threat Locker Overview 2:36 Moxa Device Vulnerabilities 5:22 Salt Typhoon & Telecom Breaches 9:40 WordPress Phishing Plugin 19:12 AI Simulations &...

XSS is the number one threat?, fix your bugs faster, hacking VoIP systems, AI and how it may help fuzzing, hacker gift guides, new DMA attacks, hacking InTune, Rhode Island gets hacked, OpenWrt supply chain issues, we are being spied on, Germans take down botnet, Bill and Larry are speaking at Shmoocon!, and TP-Link bans.

If you've ever wondered how attackers could go after payphones that are "smart" we got you covered! Inbar has done some amazing research and is here to tell us all about it! Segment Resources: https://www.retro.unarmedsecurity.net/post/%D7%9E%D7%A1%D7%AA%D7%91%D7%A8-%D7%A9%D7%92%D7%9D-%D7%98%D7%9C%D7%A4%D7%95%D7%9F-%D7%A6%D7%99%D7%91%D7%95%D7%A8%D...

The hosts discuss hacker gadgets! We'll cover what we've been hacking on lately and discuss gadgets we want to work on in the future and other gadgets we want to get our hands on. Paul has been working with some M5Stack devices, a guide can be found here: https://securitypodcaster.com/m5stack-hacking-guide/ We will cover the Clockwork PI "uConso...

This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to become public, do malware care if it's on a hypervisor?, MicroPython for fun and not for hacking?, an unspecified vulnerability, can you exploit speculati...

Air gaps are still not air gapped, making old exploits new again, chaining exploits for full compromise, patching is overrated, SBOMs are overrated, VPNs are overrated, getting root with a cigarette lighter, you can be any user you want to be, in-memory Linux malware, the Internet Archive is back, we still don't know who created Bitcoin, unhackable...