-
GIGABYTE Control Center vulnerable to arbitrary file write flaw
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts.
- March 31, 2026
- 06:28 PM
0
-
FCC bans new routers made outside the USA over security risks
The Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new models in the U.S.
- March 24, 2026
- 04:41 PM
11
-
State of Browser Attacks: Learn from John Hammond, Troy Hunt & Matt Johansen
Join Push Security's free three-part webinar series where top security researchers break down the browser-based attacks driving today's biggest breaches - from AiTM phishing and ConsentFix to compromised credentials and session hijacking.
-
Logitech Options+, G HUB macOS apps break after certificate expires
Logitech's Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems.
- January 07, 2026
- 01:05 PM
- 1
-
New D-Link flaw in legacy DSL routers actively exploited in attacks
Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago.
- January 06, 2026
- 02:52 PM
- 0
-
Microsoft rolls out hardware-accelerated BitLocker in Windows 11
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU.
- December 23, 2025
- 03:03 PM
- 3
-
New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock
The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that can bypass early-boot memory protections.
- December 19, 2025
- 10:54 AM
- 13
-
D-Link warns of new RCE flaws in end-of-life DIR-878 routers
D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is still available in several markets.
- November 20, 2025
- 10:38 AM
- 0
-
Popular Android-based photo frames download malware on boot
Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time.
- November 13, 2025
- 08:00 AM
- 0
-
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition.
- November 11, 2025
- 05:34 PM
- 0
-
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
Academic researchers developed a side-channel attack called TEE.Fail, which allows extracting secrets from the trusted execution environment in the CPU, the highly secure area of a system, such as Intel's SGX and TDX, and AMD's SEV-SNP.
- October 28, 2025
- 01:00 PM
- 2
-
Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops
Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections.
- October 14, 2025
- 09:22 AM
- 0
-
Leaked Apple iPad Pro M5 benchmark shows massive improvements
A new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU.
- October 04, 2025
- 04:35 PM
- 3
-
DrayTek warns of remote code execution bug in Vigor routers
Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code.
- October 02, 2025
- 01:37 PM
- 0
-
Critical WD My Cloud bug allows remote command injection
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands.
- September 30, 2025
- 11:07 AM
- 0
-
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs.
- September 11, 2025
- 11:05 AM
- 0
-
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one desktop PC models that use customized Insyde UEFI (Unified Extensible Firmware Interface).
- July 30, 2025
- 10:52 AM
- 0
-
Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot
Dozens of Gigabyte motherboard models run on UEFI firmware vulnerable to security issues that allow planting bootkit malware that is invisible to the operating system and can survive reinstalls.
- July 14, 2025
- 12:30 PM
- 5
-
NVIDIA shares guidance to defend GDDR6 GPUs against Rowhammer attacks
NVIDIA is warning users to activate System Level Error-Correcting Code mitigation to protect against Rowhammer attacks on graphical processors with GDDR6 memory.
- July 11, 2025
- 11:39 AM
- 0
-
New Mirai botnet infect TBK DVR devices via command injection flaw
A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them.
- June 08, 2025
- 10:17 AM
- 0
-
FBI: End-of-life routers hacked for cybercrime proxy networks
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks.
- May 08, 2025
- 06:15 PM
- 3
11
