Posts by Negan

TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution

TP-Link fixes four Omada gateway flaws, including two critical bugs enabling remote code execution.

thehackernews.com

TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution.

The vulnerabilities in question are listed below -

• CVE-2025-6541 (CVSS score: 8.6) - An operating system command injection vulnerability that could be exploited by an attacker who can log in to the web management interface to run arbitrary commands
• CVE-2025-6542 (CVSS score: 9.3) - An operating system command injection vulnerability that could be exploited by a remote unauthenticated attacker to run arbitrary commands
• CVE-2025-7850 (CVSS score: 9.3) - An operating system command injection vulnerability that could be exploited by an attacker in possession of an administrator password of the web portal to run arbitrary commands
• CVE-2025-7851 (CVSS score: 8.7) - An improper privilege management vulnerability that could be exploited by an attacker to obtain the root shell on the underlying operating system under restricted conditions

"Attackers may execute arbitrary commands on the device's underlying operating system," TP-Link said in an advisory released Tuesday.

The issues impact the following product models and versions -

• ER8411 < 1.3.3 Build 20251013 Rel.44647
• ER7412-M2 < 1.1.0 Build 20251015 Rel.63594
• ER707-M2 < 1.3.1 Build 20251009 Rel.67687
• ER7206 < 2.2.2 Build 20250724 Rel.11109
• ER605 < 2.3.1 Build 20251015 Rel.78291
• ER706W < 1.2.1 Build 20250821 Rel.80909
• ER706W-4G < 1.2.1 Build 20250821 Rel.82492
• ER7212PC < 2.1.3 Build 20251016 Rel.82571
• G36 < 1.1.4 Build 20251015 Rel.84206
• G611 < 1.2.2 Build 20251017 Rel.45512
• FR365 < 1.1.10 Build 20250626 Rel.81746
• FR205 < 1.0.3 Build 20251016 Rel.61376
• FR307-M2 < 1.2.5 Build 20251015 Rel.76743

While TP-Link makes no mention of the flaws being exploited in the wild, it's advised that users move quickly to download and update to the latest firmware to fix the vulnerabilities.

"Check the configurations of the device after the firmware upgrade to ensure that all settings remain accurate, secure, and aligned with their intended preferences," it added.

It also noted in a disclaimer that it cannot bear any responsibility for any consequences that may arise if the aforementioned recommended actions are not adhered to.

Windows 10 Extended Security Updates | Microsoft Windows

Use Windows 10 securely with the Extended Security Updates program. See how it helps protect your PC and find out how to get it.

www.microsoft.com

Find out how the Windows 10 Extended Security Updates (ESU) program helps keep your device secure.

What is Windows ESU?

The Extended Security Updates (ESU) program for Windows 10 provides customers with a more secure option to continue using their Windows 10 PCs after October 14, 2025, while they transition to Windows 11. The ESU program helps reduce the risk of malware and cybersecurity attacks by providing access to critical and important security updates as defined by the Microsoft Security Response Center (MSRC) for devices running Windows 10, version 22H2. ESU enrollment does not provide other types of fixes, feature improvements, or product enhancements. It also does not come with technical support.

Windows 10 support has ended. You can enroll in ESU any time until the program ends on October 13, 2026.

Windows 10 ESU prerequisites

To enroll in the consumer Windows 10 ESU program, make sure your device meets the following requirements:

• Devices need to be running Windows 10, version 22H2 Home, Professional, Pro Education, or Workstations edition.
• Devices need to have the latest Windows update installed. Learn how to install Windows updates.
• The Microsoft account used to sign in to the device must be an administrator account.
  • The ESU license will be associated with the Microsoft account used to enroll. You may be prompted to sign in with a Microsoft account if you typically sign into Windows with a local account.
• The Microsoft account can’t be a child account.

The consumer ESU program can’t be used by commercial devices. Consumer ESU enrollment won’t be offered to devices in the following scenarios:

• Devices in kiosk mode.
• Devices joined to an Active Directory domain or that are Microsoft Entra joined.
  • However, devices that are Microsoft Entra registered can use the Consumer ESU program.
• Devices enrolled in a Mobile Device Management (MDM) solution.
• Devices that already have an ESU license.

If a device is enrolled in the Consumer ESU program and then participates in one of the Commercial ESU scenarios listed above, the Consumer ESU enrollment on the device will be suspended until it is no longer being used as a Commercial device.

If you're an IT professional and need to enable ESU for your organization, see Enable Extended Security Updates (ESU).

How much does Windows 10 ESU cost?

You can enroll in ESU in one of the following three ways:

• At no additional cost if you are syncing your PC Settings.
• Redeem 1,000 Microsoft Rewards points.
• One-time purchase of $30 USD or local currency equivalent plus applicable tax.

All enrollment options provide extended security updates through October 13, 2026. You can enroll in ESU any time until the program ends on October 13, 2026, however devices will be more vulnerable and susceptible to viruses and malware before enrollment. You will need to sign into your Microsoft account in order to enroll in ESU. You’ll be given these options to choose from when you enroll in the ESU program. You can use your existing ESU license on up to 10 devices.

How to get Windows 10 ESU

ESU is rolling out to eligible devices running Windows 10, version 22H2 prior to the end of support date on October 14, 2025, with availability expanding gradually as the phased rollout progresses.

To get ESU on your Windows 10 device:

1. Go to Settings > Update & Security > Windows Update. If your device meets the prerequisites, you’ll see a link to enroll in ESU.
2. Once you select Enroll now you’ll start the ESU enrollment. If you are signed into Windows with a local account, you will be prompted to sign into your Microsoft account. If you are already backing up your PC Settings, you will see a prompt to enroll your device.
3. If you aren’t backing up your Windows settings, you can choose if you want to begin backing up your settings, redeem Rewards, or make a one-time purchase to enroll in ESU.

You can use your existing ESU license on up to 10 devices once you enroll in ESU. Just go to Settings > Update & Security > Windows Update and select Enroll now on those additional devices. If you are already signed into the device with the same Microsoft account used to enroll your first device, select Add device. If you are not signed into the device with a Microsoft account, you will be prompted to sign in to the Microsoft account used to enroll the first device.

Quote from JonnyQuest

The TV apps shows the ability to use the Mullvad app, but I've never looked into it.

Try it, works superb 👌

Quote from JonnyQuest

The TV apps shows the ability to use the Mullvad app, but I've never looked into it.

I use the Mullvad App on my Chromecast, i set it to Albania, and gone are the ads in Youtube.
Albania does not have a contract with Google to show ads

Quote from JonnyQuest

My smart tv has an app selection, but I find using the Roku stick works better, it has a better more manageable layout.

I currently subscribe to my local cable providers app for all of the local channels and 3 of my favorite channels that are live with that provider (compared to on-demand) I have a subscription to Netflix as well, currently rewatching Breaking Bad.

Nice! You know if you use VPN you can watch Netflix from different countries, depending which country you point VPN to.

Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams.

To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like bank details or verification codes.

On Messenger, users can opt to enable a setting called "Scam detection" by navigating to Privacy & safety settings. Once it's turned on, users are alerted when they receive a potentially suspicious message from an unknown connection that may contain signs of a scam.

"Because detection happens on your device, chats with end-to-end encryption stay secure," Meta said in a support document. "If you're notified that a chat may contain signs of a scam, we'll ask if you'd like to send recent messages you received to AI review. Messages that are shared with AI are no longer end-to-end encrypted."

If the review finds that it's indeed a possible scam, users are given more information about common scams, such as job offers in exchange for money, opportunities promising fast cash, and work-from-home offers for jobs that can't possibly be done remotely. Users are also provided options to block or report the account in question.

As part of its ongoing efforts to combat scams, the social media giant said it took action on over 21,000 Facebook Pages and accounts masquerading as customer support in an attempt to trick people into sharing their personal information.

In addition, Meta said it detected and disrupted close to 8 million accounts on Facebook and Instagram since the start of the year that are associated with criminal scam centers targeting people, including the elderly, across the world through messaging, dating apps, social media, crypto, and other apps. The scam compounds operated out of Myanmar, Laos, Cambodia, the United Arab Emirates, and the Philippines.

These schemes, often called romance baiting (aka pig butchering), are run by cybercrime syndicates based out of Southeast Asia and refer to a type of investment fraud where criminals entice victims into depositing ever-larger sums into bogus platforms with promises of bigger returns.

In many of the cases, the scammers – who are themselves trafficked into the region with lures of high-paying jobs and held against their will – initiate contact with victims through dating apps, social media platforms, or private messaging services like WhatsApp.

Once they establish rapport, the operation moves to the next phase, with the threat actors steering victims toward supposed investment opportunities, often tied to cryptocurrencies, and deceiving them into depositing their funds and ultimately disappearing without a trace.

"Central to the scam is psychological manipulation: perpetrators cultivate emotional bonds, instill confidence, and in some cases even simulate romantic relationships," Infoblox noted in an analysis published earlier this month. "This drawn-out grooming process lowers victims' defenses and primes them to believe in promises of extraordinary returns, leading to devastating financial losses."

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams

Meta launches tools on WhatsApp and Messenger to stop scams, disrupting 8M fake accounts.

thehackernews.com

New style added, also a dark style with a super modern look.

Quote from MoonlitPoise

I use Plex and Prime Video. I recently cancelled my Netflix subscription because the price kept going up, and I wasn't finding much I wanted to watch. I also don't watch as much as I used to.

Using torrents to find movies and series ?

MoonlitPoise 😀

Lets see how far we come, lets count with Pictures .

Here we go :

Quote from MoonlitPoise

Currently watching Mobius, a 2025 Chinese sci-fi time-travel mystery series.

External Content www.youtube.com

Content embedded from external sources will not be displayed without your consent.

Display all external content

Through the activation of external content, you agree that personal data may be transferred to third party platforms. We have provided more information on this in our privacy policy.

I love Asian Movies and Series. There are alot on Netflix.

Completely free ! Works flawless !

And i bingewatched Cobra Kai on Netflix my score is 9/10

Tell us what series you are watching, or planning to watch.

I start first then :

Watching The Walking Dead - Daryl Dixon

Just finished, season 1 and 2, now into season 3.

When Does 'The Walking Dead: Daryl Dixon' Final Season Come Out?

Everything we know about Season 4, filming now in Spain.

www.tvinsider.com

Awesome tv series, Norman Reedus is really an amazing actor who can carry the title role excellent.
If you haven't watched the first 3 seasons yet, this is definately a must see !

👾 Welcome to CyberTopix.net – Where Malware Meets Movies & More!

Welcome to CyberTopix.net, the ultimate fusion of cybersecurity, tech culture, and digital entertainment. Whether you're here to dissect malware, explore the Hawk Eye Analysis Platform by Trident, binge-watch malware testing videos, or just hang out and talk tech, you’ve found your digital home.

🧠 What We’re All About:

• 🔍 Malware Testing & Analysis
  Dive into real-world malware samples, reverse engineering, and behavioral analysis using the Hawk Eye Platform. Share your findings, watch breakdown videos, and collaborate with fellow analysts.
• 🎥 Malware Testing Videos
  Watch and discuss curated malware testing sessions, sandbox experiments, and threat simulations. Learn from experts and contribute your own walkthroughs.
• 💬 Cybersecurity & Tech Talk
  From zero-days to zero-trust, join discussions on the latest in infosec, software development, hardware hacks, and emerging tech.
• 🎮 Forum Games & Community Fun
  Take a break with interactive forum games, quizzes, and challenges. Build camaraderie while flexing your brain.
• 🎬 Entertainment Zone
  Talk movies, series, anime, and streaming culture. Share reviews, recommendations, and fan theories.

🚀 Getting Started:

• Introduce Yourself in the Welcome Lounge
• Explore the Malware Lab for hands-on testing
• Join the CyberSec Roundtable for expert discussions
• Relax in the Entertainment Hub for pop culture chats
• Play in the Game Corner for fun and friendly competition

What you bought your Chromecast for.

The best Chromecast App to stream downloaded videos. Stream full 1080p wirelessly to your TV. Available on the desktop, the App Store, and Google Play!

getvideostream.com

Awesome program to stream movies from you laptop or computer instantly to your Chromecast.

Post here which movie you want to see.

This one

Messenger deprecation for Windows | Messenger Help Center

What’s happening to the Messenger app on desktop?

The Messenger app for Windows is being deprecated. After deprecation, you won’t be able to log into the app and will be automatically redirected to use the Facebook desktop app for messaging. You can continue all your conversations directly from the Facebook desktop app, with all the same features you had on the Messenger app, like desktop calling.

Will I get notified about this change?

Yes. If you’re using the Messenger desktop apps, you’ll get an in-app notification once the deprecation process begins.

• You will have 60 days to use the Windows Messenger apps before it is fully deprecated.
• Once the 60 days are over, you’ll be blocked from using the Windows Messenger app. We encourage you to delete the app since it will no longer be usable.