Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

MQTT

CERT-UA advisory outlines PLUGGYAPE campaign using Signal and WhatsApp against Ukrainian forces

Cybercrime, News, Research

January 14, 2026

A CERT-UA advisory says PLUGGYAPE was used in October to December 2025 attacks on Ukrainian defense forces. Delivery used Signal and WhatsApp links to passworded archives that installed a PyInstaller executable and a Python backdoor.
Researchers Say YoLink Smart Hub Vulnerabilities Could Let Attackers Control Locks

News, Research, Risk, Vendors, Vulnerabilities

October 3, 2025

Researchers at Bishop Fox have disclosed multiple vulnerabilities in the YoLink Smart Hub v0382 that can bypass authorization, expose credentials over unencrypted MQTT, and allow attackers to control devices including smart locks; the manufacturer has not yet issued a patch.

About
Editorial Policy
Privacy
Contact