Search Results For: attacker
A newly disclosed Secure Boot vulnerability is putting a large number of PCs at risk of bootkit attacks, with security researchers urging immediate patching. The flaw, tracked as CVE-2025-3052, was uncovered by Binarly Research and involves a signed UEFI module that allows attackers to bypass or disable Secure...
Read more...
Do you use AirPlay to send videos from an iPhone, iPad, or Mac to a television or play music through a smart speaker? Then friends, you are in for a treat. Thanks to a vulnerability in not just Apple's operating system, but the ecosystem-wide AirPlay software development kit (SDK), over two billion devices are...
Read more...
Another day means another Windows update, and this time it comes with a warning from Microsoft. You may have noticed a new folder in your root C:\ folder after applying the latest cumulative update for April 2025. Furthermore, you may have been tempted to delete it after discovering that it's an empty folder. Word to...
Read more...
Researchers have uncovered a proprietary undocumented command in Chinese manufacturer Espressif's ESP32 chips that could be exploited, to the potentialdetriment of millions of users.
The ESP32 chip allows connectivity through Wifi or Bluetooth and can be found in millions of the Internet of Things (IoT) devices. At...
Read more...
Following last month's update which addressed 159 security flaws, Microsoft has released another significant patch, this time fixing 63 vulnerabilities of varying severity (critical, important, moderate, and low). Three critical vulnerabilities requiring user action are CVE-2025-21376, CVE-2025-21379, and...
Read more...
Malware on iPhones and Android devices is often associated with downloading third-party apps from unofficial sources. Cybercriminals, however, are also able to hide malware within apps found at official sources, like the iOS App Store and Google Play Store. These pieces of malware are often designed to target...
Read more...
AMD and Google's Security Team have disclosed a major microcode vulnerability affecting all AMD EPYC processors built on the Zen 1 through Zen 4 architectures. That means EPYC 7001 (Naples), 7002 (Rome), 7003 (Milan), and 8004/9004 (Genoa/Bergamo/Siena) series chips are all impacted. The vulnerability, assigned...
Read more...
If you're using an NVIDIA RTX, Quadro, NVS, or Tesla GPU, sit up and take notice. NVIDIA has just released a driver update that addresses several security vulnerabilities in its GPU drivers and vGPU software. We're used to seeing driver updates aimed at improving stability or performance, but this one is primarily...
Read more...
Praga, a century-old automaker that you might have never heard of, has begun deliveries of its track-focused hypercar called the Bohema. After a seven-year incubation period, the first production car was delivered to a customer in Netherlands, with U.S.-bound cars slated to reach customers some time next spring. For...
Read more...
It might seem as if threat actors have been more heavily targeting mobile users lately with malware and exploits, but it doesnt mean desktop users can drop their guard. Researchers at ESET have discovered a vulnerability in several Mozilla products, which are currently being exploited by a Russian hacking group known...
Read more...
Usually, it takes a human to uncover vulnerabilities in a computer system, but before long, the computers may be doing it alone. Google's Deep Mind and Project Zero divisions have teamed up to create a new kind of large language model (LLM) that can identify security flaws, and the model spotted its first critical...
Read more...
If you have any Apple devices running iOS 18, you'd better go make sure they have the latest security updates. That's because Apple has just released fixes for some major flaws, including a bug that could apparently allow an attacker to make your device read your stored password aloud through the VoiceOver...
Read more...
Look, before we even get into the meat of what the problems were, if you're on Windows, make sure you've got the latest updates. Yesterday's "Patch Tuesday" brought with it fixes for nearly 80 different security bugs across just about every single Microsoft product, but the real worry has to do with a zero-day bug...
Read more...
Security researchers at Cisco Talos have discovered a set of vulnerabilities affecting macOS users who have Microsoft applications installed on their computers, providing more attack vectors for malicious actors. The researchers say that an attacker could bypass the operating systems permission model by using...
Read more...
This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an automated worm with zero user interaction required, and it gives the remote attacker the ability to execute code...
Read more...
An app designed for Verizon in-store demos, identified as Showcase.apk, has left several generations of Pixel smartphones vulnerable to a number of different types of attacks. The app has been around since 2017, and places nearly every Pixel device sold during that time at risk. However, Google remarked it is...
Read more...
If you're rocking an AMD build, there's a high chance you're vulnerable to a serious security flaw that's been dubbed Sinkclose. That Ryzen 7 7800X3D pictured above? It's affected, as is the entire Ryzen 7000 series range and a slew of other processor models dating back to 2006. Another tidbit that won't give any AMD...
Read more...
Security firm Cleafy has discovered a new piece of Android malware being used in the wild, dubbed BingoMod. BingoMod is designed to steal money from a victim by committing On Device Fraud, which makes it easier to bypass security measures used by banking institutions. The threat actors appear to be targeting users...
Read more...
A nasty banking trojan is taking aim at Android users in the United States and half a dozen other countries. It goes by two names, Medusa and TangleBot, but whatever you want to call it, the cause for concern is that it's a more nimble version that's tougher to detect than the one that wreaked havoc before seemingly...
Read more...
Cybersecurity firm Check Point Research has discovered a potent piece of Android malware,called Rafel,being utilized by threat actors. Themalwareis an open-source remote administration tool (RAT) and Check Point Research says that it has already observed an espionage group leveraging Rafel in their...
Read more...
A few years ago, PC firmware switched from the aging BIOS system to the Unified Extensible Firmware Interface standard, more commonly known as UEFI. This system is more secure than the legacy BIOS was, but it's not perfect. Cybersecurity firm Eclypsium reports the discovery of a serious bug in UEFI that could affect...
Read more...
TP-Link has issued an important firmware update for its Archer C5400X wireless router for gamers, a popular tri-band model that debuted several years ago and was branded as being "recommended" for NVIDIA's GeForce NOW cloud gaming service. Left unpatched, owners of the affected model could succumb to a nasty attack...
Read more...
