Security researchers recently found a bug on Comcast Xfinity’s official account activation website that allows attackers to easily obtain customers’ WiFi names and passwords.
ZDNet reported on the issue after getting a tip from security researchers Karan Saini and Ryan Stevenson. The bug affects Xfinity’s official website where customers activate online services for their accounts.
According to the report and based on their own testing, the bug allows unauthorized people to obtain WiFi names and passwords of customers who are using Xfinity-provided routers. To illicitly collect these data, an attacker will only need to enter the target’s residential address.
These issues were confirmed by the publication after two Xfinity customers agreed to participate in the test and provided their home addresses.
The experiment revealed that the buggy website returned the correct WiFi name and password of each customer who uses an Xfinity router. Even worse, the website returned this data in plaintext, that is, in unencrypted, unscrambled form. Ultimately, an attacker needs only one piece of information to intrude on a personal WiFi connection.
The security issue does not end there. It was also found that the buggy website returns an Xfinity customer’s information even when their WiFi connection is active and even after they have changed their WiFi name and password.
Though the vulnerable website requires a customer’s complete address, ZDNet commented that an attacker can gather that information by simply guessing a house number or, more easily, by snatching a utility bill thrown in the garbage.
By simply providing a customer’s address, an attacker can tamper with the WiFi name and password of Xfinity routers, even custom ones, and later prevent the actual user from accessing his or her own WiFi connection.
As of this writing, the website is still up and running, and TechCrunch noted that the issue appears to still be in place. And since the bug appears to be useless when aimed at customers with a non-Xfinity router, buying one seems to be the only possible solution for now.





