Kraken Exchange Faces Extortion After Insider Recorded System Footage

Kraken exchange faces extortion after a staff member misused access to record internal systems, about 2,000 accounts affected, no funds or systems breached...

How Journalists Are Reporting From Iran With No Internet

After strikes killed senior Iranian officials, Iran cut off internet access. Journalists are relying on satellite links, encrypted apps, and smuggled footage to report from inside the country...

CVE-2025-66049

Vivotek IP7137 camera with firmware version 0200a is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. This allows unauthorized users with network access to view the camera's feed,...

CVE-2018-25139

FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage...

PT-2025-50246

Name of the Vulnerable Software and Affected Versions Selea Targa IP OCR-ANPR Camera affected versions not specified Description The Selea Targa IP OCR-ANPR Camera has an issue allowing remote access to live video streams without requiring authentication. Attackers can access these streams by...

Flock Uses Overseas Gig Workers to Build Its Surveillance AI

An accidental leak revealed that Flock, which has cameras in thousands of US communities, is using workers in the Philippines to review and classify footage...

EUVD-2025-6684

Malicious code in bioql PyPI...

EUVD-2025-6708

Malicious code in bioql PyPI...

EUVD-2025-5511

Malicious code in bioql PyPI...

CVE-2025-30135

An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without Authentication can occur. It lacks authentication controls on its HTTP and RTSP interfaces, allowing attackers to retrieve sensitive files and video recordings. By connecting to...

PT-2025-30921 · Iroad · Iroad Dash Cam Fx2

Name of the Vulnerable Software and Affected Versions: IROAD Dashcam FX2 affected versions not specified Description: The IROAD Dashcam FX2 lacks authentication controls on its HTTP and RTSP interfaces, potentially allowing attackers to retrieve sensitive files and video recordings, and view live...

The FBI's Jeffrey Epstein Prison Video Had Nearly 3 Minutes Cut Out

Metadata from the “raw” Epstein prison video shows approximately 2 minutes and 53 seconds were removed from one of two stitched-together clips. The cut starts right at the “missing minute.”...

Metadata Shows the FBI’s ‘Raw’ Jeffrey Epstein Prison Video Was Likely Modified

There is no evidence the footage was deceptively manipulated, but ambiguities around how the video was processed may further fuel conspiracy theories about Epstein’s death...

Sextortion email scammers increase their “Hello pervert” money demands

Every so often the sextortion emails that start with “Hello pervert” get a redesign. You may have received one yourself: The emails claim that the sender has been watching your online behavior and caught you red-handed doing activities that you would like to keep private. The email usually starts...

Self-Driving Car Video Footage

Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, a discussion of all the video Tesla has from inside its cars. Lots of things are collecting lots of video of lots of other things. How and...

How Waymo Handles Footage From Events Like the LA Immigration Protests

Waymo driverless taxis capture troves of video footage in order to operate, but the company reveals very little about how much data is stored—and for how long...

CVE-2024-51362

The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. This allows unauthorized users with network access to view the camera's feed,...

CVE-2025-30123

An issue was discovered on ROADCAM X3 devices. The mobile app APK Viidure contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device...

CVE-2025-30123

An issue was discovered on ROADCAM X3 devices. The mobile app APK Viidure contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device...

CVE-2025-30111

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication...