Welcome to the TechMeme right home for Thursday, January 9th, 2025.

I'm Brian McCullough today.

Big new Zero Day to tell you about.

Apple says Siri is safe, honest.

Google rolls out an AI Daily Listen audio feature, looking at the next wave of wearable AI,

and let me tell you about watch

duty, the app that everyone in L.A. was using overnight. Here's what you miss today in the world

of tech.

Yvante is warning that threat actors exploited a critical rated zero-day in its widely used connect-secure VPN tool

to compromise its corporate customers' networks, quoting TechCrunch.

Avanti said on Wednesday that the critical-rated vulnerability tracked as CVE 2025-2-82 can be

exploited without any authentication to remotely plant malicious code on Avanti's

Connect Secure, Policy Secure, and ZTA Gateway's products.

Avanti says its Connect Secure Remote Access VPN solution is, quote, the most widely used,

adopted SSL VPN by organizations of every size across every major industry.

This is the latest exploited security vulnerability

to target Avanti's products in recent years. Last year, the technology maker pledged to overhaul

its security processes after hackers targeted vulnerabilities and several of its products

to launch mass hacks against its customers. The company said it became aware of the latest

vulnerability after its Avanti Integrity checker tool, flagged malicious

activity on some customer appliances. In an advisory post published on Wednesday, Avanti confirmed

threat actors were actively exploiting a, quote, zero day, which means the company had no time

...