{"id":281640,"date":"2026-06-25T08:24:00","date_gmt":"2026-06-25T12:24:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/25\/threatsday-bulletin-smart-tv-proxyware-24-year-curl-bug-ai-crime-forums-13-more-stories\/"},"modified":"2026-06-25T13:20:57","modified_gmt":"2026-06-25T17:20:57","slug":"threatsday-bulletin-smart-tv-proxyware-24-year-curl-bug-ai-crime-forums-13-more-stories","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/25\/threatsday-bulletin-smart-tv-proxyware-24-year-curl-bug-ai-crime-forums-13-more-stories\/","title":{"rendered":"ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories"},"content":{"rendered":"

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories<\/a><\/p>\n

https:\/\/thehackernews.com\/2026\/06\/threatsday-bulletin-smart-tv-proxyware.html<\/a><\/p>\n

Publish Date: 2026-06-25 08:24:00<\/a><\/p>\n

Source Domain: thehackernews.com<\/a><\/p>\n

\ue804Ravie Lakshmanan<\/span>\ue802Jun 25, 2026<\/span><\/span>Hacking News \/ Cybersecurity News<\/span><\/p>\n

It\u2019s dumb out there again.<\/p>\n

This week has the usual smell of prod on fire and nobody wanting to admit who left the door open \u2014 old creds still working, trusted apps doing sketchy crap, browser tricks jumping the fence, and \u201cnormal\u201d workflows turning into phishing pipes because apparently email was not enough hell already.<\/p>\n

The worst part is how cheap some of it feels. Not elite. Not cinematic. Just stale secrets, fake updates, lazy trust, and random boxes quietly becoming someone else\u2019s infrastructure. Same internet, fresh headache. Let\u2019s get into it.<\/p>\n

    \n
  1. \n <\/p>\n

    Privacy-first bot defense<\/span><\/p>\n

    \n Cloudflare has teamed up with Google Chrome, Microsoft Edge, and Mozilla Firefox to create a privacy-preserving protocol that websites can use to separate desirable web traffic from undesirable network requests. This involves the use of Private Access Control Tokens (PACT), which allow websites to issue anonymous tokens that assert a given browsing session is being run by a human. “A user’s browser can then provide these tokens to other sites to prove that a human is in the loop, reducing the need for annoying and clunky captchas or invasive tracking,” Cloudflare said. “PACT is designed so that sites cannot leverage it to track or identify users or their browsing history.”\n <\/p>\n<\/li>\n

  2. \n <\/p>\n

    Six curl CVEs<\/span><\/p>\n

    \n AISLE said it discovered six vulnerabilities in curl, which range from “classic memory-lifetime issues to logic bugs in how libcurl decides whether a connection, credential, or host identity is still valid.” One of the notable vulnerabilities is CVE-2026-8932, which allows the library to “reuse a previously created connection even when some mTLS config-related option had been changed that should have prohibited reuse.” AISLE described it as the oldest curl vulnerability reported so far, adding that it has been shipped in releases since curl version…<\/p>\n<\/li>\n<\/ol>\n

    Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories…<\/p>\n","protected":false},"author":1,"featured_media":281643,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO1f6pZmhVaPQd2FjrrAG-IbL0vMk7zHVZ6BqjzkzJS8qd7HlAtIJ-7chRUbqR7tZHPNqdZFbm0QL9O03mkW7YsOh0pVwW1_ogikaoxNX8dFd5-ZB4SwB7-tfpWmp9Hr22DJL6tzZgTdeFnCU4VwaZXSY_htGs2_xlaB8n0EOedrfe7wHuI30GXTF6Pofc\/s1600\/threatsday-june.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,25,27],"class_list":["post-281640","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-phishing","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281640"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=281640"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281640\/revisions"}],"predecessor-version":[{"id":281646,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281640\/revisions\/281646"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/281643"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=281640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=281640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=281640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}