Company bragged phone mics could listen to conversations. They couldn’t.

A media company and two of its marketing partners have been fined for selling a service which, they said, listened in to people's conversations through their phones. Actually they did nothing of the sort. Most people have worried at some point that their phone has been listening to them through t...

‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says

Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists...

TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety

A damaging new report from Ofcom, the UK's communications regulator, has delivered a stark verdict: TikTok and YouTube's content feeds are "not safe enough" for children. This isn't just another regulatory slap on the wrist. Ofcom is putting out a wake-up call for anyone working in cybersecurity,...

CVE-2026-40134

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

CVE-2026-40134

CVE-2026-40134 – SAP Incentive and Commission Management: The vulnerability arises from insufficient authorization checks that allow authenticated users to invoke a remote-enabled function module to perform table update operations. The impact is described as low on integrity with no impact on con...

CVE-2026-40134 Missing Authorization Check in SAP Incentive and Commission Management

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

PT-2026-39927

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

SAP Incentive and Commission Management 安全漏洞

SAP Incentive and Commission Management is a business management platform developed by German company SAP, dedicated to sales incentives, commission calculations, and performance management. There is a security vulnerability in SAP Incentive and Commission Management. This vulnerability stems fro...

ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories

Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like...

The FCC Has a Fast Lane for Complaints About Trump’s Media Critics

Internal emails obtained by WIRED reveal how a conservative legal group with a direct line into FCC chairman Brendan Carr’s office built the case against Jimmy Kimmel and his employees...

CVE-2025-3756 Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850

A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication...

ShinyHunters Claims 350GB Data Breach at European Commission

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet...

MAL-2026-2202 Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

US Bans New Foreign-Made Home Routers Over National Security Fears

The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices...

New FCC router ban could leave home networks less secure

On Monday, the Federal Communications Commission FCC updated its list of insecure equipment, outlining its reasons for adding all consumer-grade routers made outside the US. Effectively, this would stop foreign-made routers from being imported unless their manufacturers obtain an exemption, due t...

Malicious code in @emilgroup/commission-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85f1482a778fd65de3055f40733fdf55e9e0e2c3495dda2c72ff686d0841b91c The package @emilgroup/commission-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2043 Malicious code in @emilgroup/commission-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85f1482a778fd65de3055f40733fdf55e9e0e2c3495dda2c72ff686d0841b91c The package @emilgroup/commission-sdk-node was found to contain malicious code. Source: ghsa-malware...

Embedded Malicious Code

Overview @emilgroup/commission-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on...

Embedded Malicious Code

Overview @emilgroup/commission-sdk-node is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released...