Collecting Cyber-News from over 60 sources

Tag: Hardware

A hardware neural network backdoor that hides in plain sight

Jun 15, 2026 8:01 AM

Tags: backdoor, Hardware, network, phone

Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/
Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective

May 22, 2026 4:00 PM

Tags: Hardware, vulnerability, windows

1 IntroductionThis article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of individual findings, which frequently affect code whose reachability is hardware-gated. The…
OT-Sicherheit: Vom Perimeterschutz zu identitätsbasiertem Datenverkehr

May 22, 2026 9:00 AM

Tags: access, cyberattack, Hardware

Noch vor 20 Jahren war es einfach, eine Produktionsanlage zu schützen. Das Gelände umgaben üblicherweise Zäune und gesicherte Tore. Physisch isolierte Netzwerke und statische Hardware an festen Standorten machten Cyberangriffe von außen ebenso unmöglich wie das Fehlen von Remote-Zugriff und Cloudumgebungen. Wer Zugriff auf das Netzwerk hatte, wurde als vertrauenswürdig eingestuft. Dieses Konzept kam im……
Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck

May 22, 2026 8:00 AM

Tags: cyber, cybersecurity, Hardware, linux, network, software

Flipper Devices has officially unveiledFlipper One, a modular, Linux-based cyberdeck designed to push the boundaries of open hardware and portable network analysis platforms. Unlike the popular Flipper Zero, the new device targets high-performance networking, software-defined radio (SDR), and embedded Linux development, positioning itself as a powerful toolkit for cybersecurity professionals, researchers, and hardware developers. Flipper…
Hardware being destroyed by users fearful of data leaks

May 20, 2026 7:00 AM

Tags: data, Hardware, leak

In an effort to ensure data leaks won’t came back and haunt them, significant numbers of customers are dumping machines that could have a second life First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366643475/Hardware-being-destroyed-by-users-fearful-of-data-leaks
Verizon Breach Report: Vulnerability Exploitation Surges

May 19, 2026 5:00 PM

Tags: access, breach, data, data-breach, exploit, hacker, Hardware, ransomware, software, update, vulnerability

Patch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIR. The frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim’s environment continues to surge, and half of all successful breaches also now involve some type of ransomware action, according Verizon’s 2026 Data Breach Investigations Report. First…
Researchers Build First Public Apple M5 macOS Kernel Exploit with Mythos Preview

May 18, 2026 8:00 AM

Tags: apple, cyber, exploit, Hardware, macOS, mitigation

Security researchers have unveiled the first publicly known macOS kernel memory corruption exploit targeting Apple’s latest M5 silicon, marking a significant moment for both offensive security and Apple’s next-generation defenses. The exploit, developed in collaboration with Mythos Preview, reportedly bypasses Apple’s advanced Memory Integrity Enforcement (MIE), a hardware-backed mitigation designed to stop this class of…
Mithilfe von Mythos Preview: Forscher entwickeln Exploit für Apples M5-Hardware

May 15, 2026 1:00 PM

Tags: apple, exploit, Hardware

Durch den Einsatz von Mythos hat es nur sechs Tage gedauert, bis Apples Memory Integrity Enforcement umgangen werden konnte. First seen on golem.de Jump to article: www.golem.de/news/mithilfe-von-mythos-preview-forscher-entwickeln-exploit-fuer-apples-m5-hardware-2605-208706.html
EU’s Cyber Resiliency Act will put IT leaders to the test

May 15, 2026 12:00 PM

Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerability

Product safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
EU’s Cyber Resiliency Act will put IT leaders to the test

May 15, 2026 12:00 PM

Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerability

Product safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
CERN’s open source KiCad library gives the world 17,000 circuit board components

May 14, 2026 11:00 AM

Tags: Hardware, open-source

CERN has released its complete KiCad component library under an open source license, making it available to hardware designers anywhere in the world. The library, maintained … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/14/cern-kicad-component-library/
Developer workstations are the new beachhead

May 12, 2026 1:18 PM

Tags: access, application-security, attack, authentication, cloud, container, control, credentials, edr, endpoint, exploit, github, group, Hardware, identity, incident response, infrastructure, malware, mfa, monitoring, network, software, supply-chain, threat, update

The economics that drive the convergence: A typical developer workstation holds SSH keys, cloud provider credentials, container registry tokens, Git authentication tokens and CI/CD pipeline secrets. Many developers have administrative access to internal package registries and deployment infrastructure. Their machines often sit outside the hardened perimeter that security teams build around production systems.From an attacker’s…
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

May 11, 2026 5:20 PM

Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-day

Identity, who the AI agent is.Scope, what it is authorized to do.Attestation, whether it or its instructions have been tampered with.Delegation, who delegated authority.Revocation, whether that authority has been revoked.”Every AI agent on the internet today is a stranger. You don’t know who it is, what it’s authorized to do, or whether it’s been tampered…
Wenn die Hardware ‘offiziell” nicht mehr unterstützt wird – FlyOOBE: Windows 11 ohne TPM installieren

May 11, 2026 5:20 PM

Tags: Hardware, windows

First seen on security-insider.de Jump to article: www.security-insider.de/flyoobe-windows-11-ohne-tpm-installieren-a-e12e371476208b034a4ee4db02880915/
Google to pay up to $1.5 million for zero-click Pixel Titan M exploits

May 5, 2026 5:49 PM

Tags: android, browser, chrome, exploit, google, Hardware, vulnerability

Google has revised its Android and Chrome Vulnerability Reward Programs (VRPs), which pay security researchers to report vulnerabilities in Android, Google hardware, and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/google-vulnerability-reward-program-android-chrome-pixel/
Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers

May 4, 2026 1:48 PM

Tags: android, attack, botnet, cyber, data-breach, ddos, Hardware, jobs, service

New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking Minecraft servers and other game hosts offline. By abusing TCP port 5555 on poorly secured Android-based hardware, the operators are quietly building a rentable DDoS-for-hire service aimed at the gaming ecosystem.…
ChatGPT advanced account security adds passkeys and hardware keys

May 4, 2026 12:48 AM

Tags: authentication, chatgpt, Hardware, passkey, phishing

Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/04/openai-chatgpt-advanced-account-security/
‘Trivial’ exploit can give attackers root access to Linux kernel

May 1, 2026 5:39 AM

Tags: access, ai, attack, business, cloud, container, cve, data, exploit, flaw, github, gitlab, Hardware, incident response, iot, korea, kubernetes, linux, malware, monitoring, remote-code-execution, risk, risk-assessment, saas, sans, software, supply-chain, theft, threat, unauthorized, update, vulnerability

), which lets users easily obtain root access, there isn’t much CSOs can do, says Johannes Ullrich, dean of research at the SANS Institute, as long as they have monitoring for privilege escalation already in place.With root access, a threat actor can do anything to a system, from data theft to data erasure.”The CopyFail vulnerability…
AWS leans on prior ingenuity to face future AI and quantum threats

Apr 29, 2026 11:38 AM

Tags: access, ai, attack, authentication, breach, cloud, communications, computer, computing, control, credentials, crypto, cryptography, cybersecurity, data, defense, encryption, exploit, google, Hardware, identity, infrastructure, Internet, lessons-learned, malicious, penetration-testing, phishing, risk, service, technology, threat, tool, update

Symmetric cryptography and the quantum threat: Back in the early 2010s, most hardware security modules used asymmetric cryptography to protect security keys. Asymmetric cryptography, the kind used to secure online communications, involves pairs of keys, one to lock, another to unlock. It’s a very useful and convenient approach when dealing with multiple parties.Amazon chose to…
AWS leans on prior ingenuity to face future AI and quantum threats

Apr 29, 2026 11:38 AM

Tags: access, ai, attack, authentication, breach, cloud, communications, computer, computing, control, credentials, crypto, cryptography, cybersecurity, data, defense, encryption, exploit, google, Hardware, identity, infrastructure, Internet, lessons-learned, malicious, penetration-testing, phishing, risk, service, technology, threat, tool, update

Symmetric cryptography and the quantum threat: Back in the early 2010s, most hardware security modules used asymmetric cryptography to protect security keys. Asymmetric cryptography, the kind used to secure online communications, involves pairs of keys, one to lock, another to unlock. It’s a very useful and convenient approach when dealing with multiple parties.Amazon chose to…
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

Apr 28, 2026 10:39 AM

Tags: cyber, Hardware, malicious

NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has launched SilentGlass, a new device to protect one of the most overlooked parts of modern IT systems: the physical links between screens and computers. It is a small plug-in security device…
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

Apr 28, 2026 10:39 AM

Tags: cyber, Hardware, malicious

NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has launched SilentGlass, a new device to protect one of the most overlooked parts of modern IT systems: the physical links between screens and computers. It is a small plug-in security device…
Schwachstelle in Qualcomm-Snapdragon

Apr 23, 2026 4:39 PM

Tags: access, Hardware, iot, kaspersky, vulnerability

Kaspersky ICS CERT hat eine Hardware-Schwachstelle in Qualcomm-Chips entdeckt. Diese sind in einer Vielzahl von Verbraucher- und Industriegeräten weit verbreitet, darunter Smartphones, Tablets, Fahrzeugkomponenten und IoT-Geräte. Die Schwachstelle befindet sich im sogenannten BootROM, einer auf Hardwareebene verankerten Firmware. Angreifer könnten dadurch potenziell Zugriff auf sämtliche auf dem Gerät gespeicherten Daten sowie auf Sensoren wie Kamera…
Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category

Apr 23, 2026 5:39 AM

Tags: access, ai, application-security, cloud, compliance, container, control, cyber, data, encryption, finance, google, government, group, Hardware, infrastructure, insurance, privacy, service, software, unauthorized

Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category josh.pearson@t“¦ Wed, 04/22/2026 – 23:56 Thales was recognized with a 2026 Google Cloud Partner of the Year award in the Infrastructure Modernization: Sovereign Cloud category. This award highlights partners who have had a significant impact within the Google Cloud ecosystem, particularly…
Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category

Apr 23, 2026 5:39 AM

Tags: access, ai, application-security, cloud, compliance, container, control, cyber, data, encryption, finance, google, government, group, Hardware, infrastructure, insurance, privacy, service, software, unauthorized

Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category josh.pearson@t“¦ Wed, 04/22/2026 – 23:56 Thales was recognized with a 2026 Google Cloud Partner of the Year award in the Infrastructure Modernization: Sovereign Cloud category. This award highlights partners who have had a significant impact within the Google Cloud ecosystem, particularly…
The Time Is Now to Prepare for CRA Enforcement

Apr 22, 2026 4:38 PM

Tags: cyber, cybersecurity, Hardware, international, law, network, resilience, software, supply-chain

<div cla When the EU Cyber Resilience Act (CRA) was introduced into law in 2024, it represented one of the most significant regulatory shifts we’ve seen anywhere in the world with implications for how organizations build, ship, and maintain software. It establishes cybersecurity requirements for hardware and software products sold within the European Union or…
Anthropic bets on EPSS for the coming bug surge

Apr 22, 2026 11:39 AM

Tags: ai, cisco, ciso, cloud, crowdstrike, cve, cvss, cyber, data, exploit, flaw, government, Hardware, healthcare, infrastructure, network, update, vulnerability

Security leaders weigh promise versus reality: Security vendors are increasingly incorporating EPSS scores into their systems.According to Roytman, EPSS has been incorporated into more than 120 security vendors’ products, including CrowdStrike, Cisco, Palo Alto Networks, Qualys, and Tenable platforms.”I do not think other CISOs realize how broadly EPSS has been adopted, but that adoption is…
Top techniques attackers use to infiltrate your systems today

Apr 21, 2026 11:39 AM

Tags: 2fa, access, ai, api, attack, authentication, automation, business, captcha, cloud, container, control, corporate, credentials, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, exploit, flaw, hacking, Hardware, identity, infrastructure, least-privilege, malicious, mfa, microsoft, monitoring, network, password, phishing, powershell, ransomware, risk, saas, scam, service, social-engineering, software, supply-chain, theft, tool, training, vpn, vulnerability, worm

Network security device hacking: Network edge devices have increasingly drawn attackers’ attention over the past two years, establishing a new battleground where the very devices meant to protect the network have become attractive targets for exploitation.As a result, flaws in security device, such as SSL VPN systems and other gateways, are among the top initial…
We beat Google’s zero-knowledge proof of quantum cryptanalysis

Apr 17, 2026 3:39 PM

Tags: ai, application-security, attack, best-practice, computer, computing, control, cryptography, data, exploit, google, group, Hardware, metric, programming, risk, rust, technology, tool, update, vulnerability

Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is…
Raspberry Pi OS ends open-door policy for sudo

Apr 17, 2026 12:48 AM

Tags: Hardware, password

Command prefix will require password by default First seen on theregister.com Jump to article: www.theregister.com/2026/04/15/raspberry_pi_os_sudo/