Today’s space race could turn fatal if we don’t agree on new rules 
Alphabet Stock Slides as AI Talent Exodus and SpaceX Losses Shake Investor Confidence 
Meta Seeks Legal Shield From Child-Harm Lawsuits Amid KOSA Talks 
US Raises Concerns Over Possible ASML EUV Machine Transfer to China 
Tencent Reviews Marvelous Stake as Gaming Giant Reassesses Global Investment Strategy 
SK Hynix Overtakes Samsung as South Korea’s Most Valuable Company 
SpaceX Stock Slides After IPO Rally as Valuation Concerns Grow 
Baseten Secures $1.5 Billion Funding at $13 Billion Valuation Amid AI Infrastructure Boom 
Apple Signals Product Price Hikes Amid Rising Memory Chip Costs 
Samsung Gains Interest from BYD, Google, AMD as AI Chip Demand Strains TSMC Capacity 
Chinese Social Media Giant Xiaohongshu Eyes Hong Kong IPO at Over $70 Billion Valuation 
Kingboard Holdings Shares Surge After HK$11.77 Billion Block Trade to Expand PCB and AI Supply Chain Business 
SoftBank Shares Drop as OpenAI Losses and Rising Costs Spark Investor Concerns 
How AI prompting turned writerly description into an everyday skill 
Security researchers recently found a bug on Comcast Xfinity’s official account activation website that allows attackers to easily obtain customers’ WiFi names and passwords.
ZDNet reported on the issue after getting a tip from security researchers Karan Saini and Ryan Stevenson. The subject of the bug was Xfinity’s official website where customers activate online services for their accounts.
According to the report and based on their own testing, the bug allows unauthorized people to obtain WiFi names and passwords of customers who are using Xfinity-provided routers. To illicitly collect these data, an attacker will only need to enter the target’s residential address.
These issues were confirmed by the publication after two Xfinity customers agreed to participate in the test and provided their home addresses.
The experiment revealed that the bugged website provided the correct WiFi name and password of the customer who uses an Xfinity router. Even worse, the website gave these data in plaintext or in its unencrypted, unscrambled form. So, ultimately, an attacker needs one information to intrude a personal WiFi connection.
The security issue does not end there. It was also found that the glitched website gives information of an Xfinity customer even when their WiFi connection is active and even after they have changed their WiFi name and password.
Though the compromised website requires a customer’s complete address, ZDNet commented that an attacker can gather that information by simply guessing a house number or, more easily, by snatching a utility bill thrown in the garbage.
By simply providing a customer’s address, an attacker can tamper the WiFi name and password of Xfinity routers — even custom ones — and later avoid the actual user to access his or her own WiFi connection.
As of this writing, the said website is still up and running and TechCrunch noted that the issue appears to still be in place. And since the bug appears to be useless when aimed at customers with a non-Xfinity router, buying one seems to be the only possible solution for now.
