Tag: firmware
-
C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/c0xmo-botnet-spreads-via-dd-wrt-router-flaw-kills-rival-malware/
-
Via Bluetooth and USB: PC hacked through connected soundbar
Tags: firmware
A researcher was able to manipulate the firmware of his soundbar via Bluetooth without prior pairing. He was then able to control his PC through it. First seen on golem.de Jump to article: www.golem.de/news/firmware-manipulation-per-bluetooth-pc-ueber-verbundene-soundbar-gehackt-2606-209436.html
-
Keyboard emulated: Researcher hacks his own PC via a soundbar
Tags: firmware
A researcher was able to manipulate the firmware of his soundbar via Bluetooth without prior pairing. He was then able to control his PC through it. First seen on golem.de Jump to article: www.golem.de/news/firmware-manipulation-per-bluetooth-pc-ueber-verbundene-soundbar-gehackt-2606-209436.html
-
New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics
A new Gafgyt-family botnet, tracked as C0XMO, marks a notable technical shift in IoT malware design: the separation of scanning and propagation into distinct components and multi-architecture payloads that maximize reach across heterogeneous Linux devices. The operator delivered C0XMO by exploiting CVE-2021-27137, a stack buffer overflow in the UPnP SSDP parser of vulnerable DD-WRT firmware…
-
Firmware manipulation via Bluetooth: PC hacked through connected soundbar
Tags: firmware
A researcher overwrote the firmware of his soundbar via Bluetooth and without prior pairing. He was then able to control his PC through it. First seen on golem.de Jump to article: www.golem.de/news/firmware-manipulation-per-bluetooth-pc-ueber-verbundene-soundbar-gehackt-2606-209436.html
-
Acer Confirms Patch in Progress for Wave 7 Router 0-Day Flaw
Acer has confirmed that it is actively developing a firmware patch to address critical zero-day vulnerabilities affecting its Wave 7 routers, following responsible disclosure by an independent security researcher. According to an official advisory published on June 2, 2026, the vulnerabilities impact Acer Wave 7 devices running firmware version T7c_GBL_1.01.000055 or earlier. The flaws expose…
-
New Linux FIRESTARTER Backdoor Targets Cisco Firepower Devices
CISA and NCSC warn that FIRESTARTER, a Linux-based backdoor, targets Cisco Firepower devices, evades patches, and enables persistent access even after firmware updates. First seen on hackread.com Jump to article: hackread.com/linux-firestarter-backdoor-cisco-firepower-devices/
-
Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure
Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerability
New RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC. The web-based management interface of the Lantronix EDS5000 had five…
-
Router Security Hardening Steps for 2026: From Default Credential Audits to Automated Firmware Risk Monitoring
Network edge devices are now among the most targeted entry points in cyberattacks. Recent intelligence shows that threat actors are focusing more on routers, firewalls, and VPN concentrators than on end-user machines, a trend highlighted in multiple 2025 threat intelligence reports. For IT teams responsible for Dutch enterprise environments, that shift makes a structured and…
-
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Tags: advisory, api, attack, best-practice, cloud, container, cve, cvss, cyber, data, exploit, firewall, firmware, flaw, framework, github, Internet, malicious, microsoft, mitigation, office, powershell, rce, remote-code-execution, service, software, sql, startup, tool, update, vulnerability, windows, zero-day
8 Critical, 154 Important, 1 Moderate, 0 Low. Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. Microsoft patched 163 CVEs in its April 2026 Patch Tuesday release, with eight rated critical, 154 rated as important and one rated as moderate. This is the second…
-
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. “The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of…
-
Google makes it harder to exploit Pixel 10 modem firmware
Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/13/google-pixel-rust-baseband-modem-security/
-
What we learned about TEE security from auditing WhatsApp’s Private Inference
WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts to combine end-to-end encryption with AI-powered capabilities, such as message summarization. To make this possible, Meta built a system that processes encrypted user messages inside trusted execution environments (TEEs), secure hardware enclaves designed so that not even Meta can access the plaintext. Our…
-
Supply chain security is now a board-level issue: Here’s what CSOs need to know
Tags: access, android, attack, automation, best-practice, compliance, cybersecurity, edr, encryption, firewall, firmware, flaw, infrastructure, linux, mitigation, regulation, risk, sbom, software, supply-chain, switch, threat, tool, update, vulnerability, windows, zero-day
The hidden complexity that drowns security teams: SBOMs are no longer used solely to track software licensing; they are key to managing supply chain security as they enable the identification and tracking of vulnerabilities across ecosystems. Finding a problem is just the start; you need to determine if the vulnerability affects your implementation. For example, if…
-
Authentication is broken: Here’s how security leaders can actually fix it
Tags: access, attack, authentication, backup, business, communications, control, credentials, cryptography, data, exploit, fido, firmware, Hardware, healthcare, identity, login, mfa, microsoft, okta, passkey, privacy, resilience, risk, soc, technology, update, windows
Sector snapshots: Where it breaks (and why that matters): Healthcare. Clinicians need tap and go speed with zero tolerance for downtime. One large hospital attempted to pair advanced HID SEOS credentials, which use privacy-preserving randomized IDs, with a clinical SSO platform that expects static IDs for user recognition. This architectural mismatch forced a choice between…
-
Cisco fixes critical IMC auth bypass present in many products
Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day
The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
-
Alleged Starbucks Incident Exposes Code and Firmware
Threat actors claim to have stolen 10GB of Starbucks code and firmware from a misconfigured S3 bucket. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cloud-security/alleged-starbucks-incident-exposes-code-and-firmware/
-
TP-Link warns of security vulnerabilities: Firmware of numerous routers can be manipulated
TP-Link warns of security vulnerabilities in several of its routers. Attackers can, among other things, replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password
TP-Link patched high-severity Archer NX router flaws, including one that could let attackers upload rogue firmware without authentication. The post TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-tp-link-router-security-flaw-update-now/
-
Security vulnerabilities: Attackers can hijack TP-Link routers
TP-Link warns of security vulnerabilities in several of its routers. Attackers can, among other things, replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
TP-Link: Router flaw lets attackers inject other firmware
TP-Link warns of security vulnerabilities in several of its routers. Attackers can, among other things, replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500,…
-
Why US companies must be ready for quantum by 2030: A practical roadmap
Tags: api, backup, control, crypto, cryptography, data, encryption, endpoint, firmware, government, identity, infrastructure, ml, nist, risk, service, software, strategy, supply-chain, update, vpn
“Harvest now, decrypt later” is not theoretical. If an attacker steals encrypted session captures or archived backups, the confidentiality loss happens the day quantum-capable decryption becomes practical. Your risk horizon is set by the shelf life of your data, not the arrival date of a quantum computer. Government and critical infrastructure guidance are converging. The National…
-
TDL 018 – How To Think, Not What To Think – Mitch Prior
Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trust
The Human Algorithm in a Zero-Trust World: In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018, the early days of Zero Trust, the duo explores why the “why” behind technical…
-
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
A severe security vulnerability has been uncovered in UNISOC modem firmware, allowing attackers to execute arbitrary code remotely over cellular networks. UNISOC is a major semiconductor manufacturer providing chipsets for prominent mobile brands such as Motorola, Samsung, Vivo, and Realme. This unpatched flaw leaves millions of devices potentially vulnerable to remote compromise. Vulnerability Overview: The…
-
Pixel Watch Users Report Inflated Steps, Missing SpO2 Data
A recent Pixel firmware update released in March 2026 has sparked concern among Pixel Watch users, as reports of inaccurate Fitbit tracking, missing SpO2 readings, and inflated activity data continue to surface. What was expected to refine performance has instead led to confusion, with some users questioning the reliability of their health metrics altogether. First seen on thecyberexpress.com Jump to…

