Core Viewpoint - The article discusses a significant security vulnerability in the domestic Flycow system (fnOS), which allows hackers to access all files on NAS devices. Although the issue has been addressed in version 1.1.15, the company has not issued any official security announcements, raising concerns about user awareness and trust [3][9][10]. Summary by Sections Security Vulnerability - Flycow system fnOS has a major security flaw that has led to multiple devices being attacked by hackers, although it remains unclear if any data has been leaked [4]. - Users experiencing device issues such as freezing or network errors should check for abnormal connection counts, which may indicate a hack [5]. - Even users employing HTTPS, strong passwords, and 2FA have reported being infected, suggesting the vulnerability is inherent to the Flycow system rather than user negligence [6]. Official Response and User Notification - The Flycow official forum has confirmed the existence of a path traversal vulnerability, allowing hackers to access sensitive files on NAS devices. The vulnerability was fixed in version 1.1.15 [8]. - Despite the severity of the issue, Flycow has not issued any public announcements to inform users, relying instead on community discussions for information [9]. - The company should consider mandatory updates and user notifications to mitigate risks for those still using outdated versions [10]. Recommendations for Users - Users can verify the vulnerability by appending specific characters to their domain without logging in, as confirmed by multiple users [14]. - Temporary defense measures are suggested, but a complete reinstallation of the system and thorough checks of all files are recommended to ensure security [19].

Core Insights - Rapid7 disclosed a critical security vulnerability in OnePlus's OxygenOS, identified as CVE-2025-10184, affecting versions 12 to 15 [2] - The vulnerability stems from improper permission settings during modifications to the Android system's underlying phone API, allowing malicious apps to read or send messages without user knowledge [2] - OnePlus has committed to rolling out security patches starting mid-October, despite researchers attempting to contact the company since May 2025 [2] Company Performance - OnePlus has seen a 31% year-on-year increase in total sales in the first half of 2025, ranking first among smartphone brands [2] - The company targets online users with high-performance needs, overlapping with Xiaomi's target demographic [3] Industry Context - System security and stability have become critical factors for users in an increasingly competitive market [3] - The vulnerability highlights the importance of proper permission settings in custom components, serving as a warning for other manufacturers [3]