A critical vulnerability (CVE-2025-3442) in TP-Link’s Tapo H200 V1 IoT Smart Hub exposes Wi-Fi credentials due to the firmware storing them in plain text. This flaw requires physical access to exploit but poses significant risks, including unauthorized network access. CERT-In advises upgrading firmware to version 1.5.0 and enhancing physical security measures.

REF6045 Uses SCMBANKER PowerShell Toolkit to Target Mexican Banking Customers
A human-operated Mexican banking fraud campaign tracked as REF6045 has been observed using a bespoke PowerShell toolkit SCMBANKER to turn commodity click-fraud lures into operator-assisted


