UEFI firmware flaws in certain ASRock, ASUS, GIGABYTE, and MSI motherboards allow early-boot DMA attacks before OS security loads.
Category: security
Windows 10 OOB update released to fix Message Queuing (MSMQ) issues
This month’s extended security update for Windows 10 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background tasks.
Microsoft says it identified a fix and is now rolling out an out-of-band update (KB5074976) via Update Catalog to address it.
You won’t find the OOB on Windows Update or WSUS, as it’s only offered via Update Catalog, but if you are affected, you should download the out-of-band release.
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco has alerted users to a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.
The networking equipment major said it became aware of the intrusion campaign on December 10, 2025, and that it has singled out a “limited subset of appliances” with certain ports open to the internet. It’s currently not known how many customers are affected.
“This attack allows the threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance,” Cisco said in an advisory. “The ongoing investigation has revealed evidence of a persistence mechanism planted by the threat actors to maintain a degree of control over compromised appliances.”
WhatsApp device linking abused in account hijacking attacks
Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign dubbed GhostPairing.
This type of attack does not require any authentication, as the victim is tricked into linking the attacker’s browser to a WhatsApp device.
By doing so, threat actors gain access to the full conversation history and shared media, and may leverage information to impersonate users or commit fraud.
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges.
According to SonicWall, this medium-severity local privilege escalation security flaw (CVE-2025–40602) was reported by Clément Lecigne and Zander Work of the Google Threat Intelligence Group, and doesn’t affect SSL-VPN running on SonicWall firewalls.
“SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability,” the company said in a Wednesday advisory.
Texas sues TV makers for taking screenshots of what people watch
The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users’ data by secretly recording what they watch using Automated Content Recognition (ACR) technology.
The lawsuits target Sony, Samsung, LG, and China-based companies Hisense and TCL Technology Group Corporation. Attorney General Ken Paxton’s office also highlighted “serious concerns” about the two Chinese companies being required to follow China’s National Security Law, which could give the Chinese government access to U.S. consumers’ data.
According to complaints filed this Monday in Texas state courts, the TV makers can allegedly use ACR technology to capture screenshots of television displays every 500 milliseconds, monitor the users’ viewing activity in real time, and send this information back to the companies’ servers without the users’ knowledge or consent.
Microsoft: Recent Windows updates break VPN access for WSL users
Microsoft says that recent Windows 11 security updates are causing VPN networking failures for enterprise users running Windows Subsystem for Linux.
This known issue affects users who installed the KB5067036 October 2025 non-security update, released October 28th, or any subsequent updates, including the KB5072033 cumulative update released during this month’s Patch Tuesday.
On impacted systems, users are experiencing connectivity issues with some third-party VPN applications when mirrored mode networking is enabled, preventing access to corporate resources.
Scientists Discover How To “Purify” Light, Paving the Way for Faster, More Secure Quantum Technology
University of Iowa scientists have identified a new way to “purify” photons, a development that could improve both the efficiency and security of optical quantum technologies.
The team focused on two persistent problems that stand in the way of producing a reliable stream of single photons, which are essential for photonic quantum computers and secure communication systems. The first issue, known as laser scatter, arises when a laser is aimed at an atom to trigger the release of a photon, the basic unit of light. Although this method successfully generates photons, it can also produce extra, unwanted ones. These additional photons reduce the efficiency of the optical system, similar to how stray electrical currents interfere with electronic circuits.
A second complication comes from the way atoms occasionally respond to laser light. In uncommon cases, an atom releases more than one photon at the same time. When this happens, the precision of the optical circuit suffers because the extra photons disrupt the intended orderly flow of single photons.