iRobot Files for Chapter 11 Bankruptcy Amid Rising Competition and Tariff Pressures 
Oracle Stock Slides After Blue Owl Exit Report, Company Says Michigan Data Center Talks Remain on Track 
Jared Isaacman Confirmed as NASA Administrator, Becomes 15th Leader of U.S. Space Agency 
Oracle Stock Surges After Hours on TikTok Deal Optimism and OpenAI Fundraising Buzz 
SUPERFORTUNE Launches AI-Powered Mobile App, Expanding Beyond Web3 Into $392 Billion Metaphysics Market 
noyb Files GDPR Complaints Against TikTok, Grindr, and AppsFlyer Over Alleged Illegal Data Tracking. 
Evercore Reaffirms Alphabet’s Search Dominance as AI Competition Intensifies 
SK Hynix Considers U.S. ADR Listing to Boost Shareholder Value Amid Rising AI Chip Demand 
Moore Threads Stock Slides After Risk Warning Despite 600% Surge Since IPO 
Micron Technology Forecasts Surge in Revenue and Earnings on AI-Driven Memory Demand 
Trump Administration Reviews Nvidia H200 Chip Sales to China, Marking Major Shift in U.S. AI Export Policy 
Apple Opens iPhone to Alternative App Stores in Japan Under New Competition Law 
Apple Explores India for iPhone Chip Assembly as Manufacturing Push Accelerates 
Trello Outage Disrupts Users as Access Issues Hit Atlassian’s Work Management Platform 
MetaX IPO Soars as China’s AI Chip Stocks Ignite Investor Frenzy 
Intel’s Testing of China-Linked Chipmaking Tools Raises U.S. National Security Concerns 
Tapplock is rolling out much-needed updates after it was learned that the padlock that uses fingerprint authentication can be hacked.
Security researchers at Pen Test Partners revealed on Wednesday that the Tapplock software can be hacked, thus allowing unauthorized people to open it to steal whatever valuable things it is supposed to be keeping safe.
Andrew Tierney of Pen Test Partners said in a blog post that the accompanying Tapplock app transmits data through an HTTP server, which simply means no encryption is applied. During the researchers’ test, they observed that each time the lock establishes a connection to the app through Bluetooth Low Energy (BLE), it sends “a string of ‘random’-looking data” necessary for the lock to respond to the app’s commands.
However, the researchers found that these strings of data do not change even at different times that the lock is accessed through the app. “A couple of lines of commands in gatttool and it was apparent that the lock was vulnerable to trivial replay attacks,” the researcher said.
It was also found that the lock and its app do not use factory reset options, meaning all data used can be recovered even when a user unlinks the lock from the app. Additionally, Pen Test Partners revealed that app lets the lock be used by someone else.
“I shared the lock with another user, and sniffed the BLE data. It was identical to the normal unlocking data. Even if you revoke permissions, you have already given the other user all the information they need to authenticate with the lock, in perpetuity,” Tierney wrote.
Shortly after Pen Test Partners’ discovery, Tapplock said it will be rolling out the necessary firmware update to address the serious flaw, according to CNET. The said patch will be automatically installed on the padlock once it is available.
The digital security issue was found just weeks after the widely followed YouTube channel JerryRigEverything demonstrated how easy it was to physically open a Tapplock by only using a suction cup and a GoPro mount. Tapplock responded to this by saying the YouTuber’s Tapplock units were just defective.
