Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers


Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.

Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.

Read more…
Source: TechCrunch News


Sign up for our Newsletter


Related:

  • Tech support scam caused massive data breach at Australian airline Qantas

    July 16, 2026

    Australia’s Privacy Commissioner has revealed a tech support scam was the cause of the massive 2025 data breach at Australian airline Qantas and found the carrier didn’t breach its privacy obligations despite leaking personally identifiable information for 5.7 million customers. The Commissioner reached that conclusion, and a decision not to open a formal privacy probe, in ...

  • This fake Apple app can unlock your Mac’s password vault

    July 15, 2026

    CrashStealer is a new macOS infostealer that masquerades as Apple’s CrashReporter component, uses an Apple‑notarized installer to slip past Gatekeeper, tricks users into handing over their password, and then systematically loots browsers, password managers, crypto wallets, and Keychain secrets before exfiltrating them in AES‑encrypted bundles. Researchers have been following the development of CrashStealer since May 2026. It ...

  • New phishing campaign hits LastPass, Bitwarden users

    July 15, 2026

    Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets. LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign. However the scam also now seems to ...

  • Top AI tools such as OpenClaw and Github Copilot can be hijacked to create new massive botnets

    July 15, 2026

    Your favorite AI service could be subverted to deploy code that turns your phone or PC into a botnet, according to researchers at Intuit, Technion, and Tel Aviv University. The technique has been given the name HalluSquatting, a portmanteau of adversarial hallucination squatting, and is similar to typosquatting in that it relies on a mistake in ...

  • Warning: Scammers are using FaceTime to empty bank accounts

    July 14, 2026

    Apple is urging users to treat any suspicious FaceTime call or message as untrusted, especially if it involves payments, refunds, password resets, or requests for personal information. This warning appears in a broader Apple support article about scams that target iPhone and iPad users through social engineering. Apple says attackers may contact people by phone calls, FaceTime, text ...

  • Microsoft tops last month’s record with 622 Patch Tuesday CVEs

    July 14, 2026

    Remember last month when we were awed by Microsoft’s record-setting Patch Tuesday that addressed 206 CVEs? That was a quaint era compared to this month: Redmond just rolled out patches for 622 CVEs specific to its products, slightly more than tripling last month’s all-time high. Redmond’s Patch Tuesday release is once again one for the record books, with everything under ...