Lara De Jong
-
New Vulnerabilities Found in Windows Graphics Core, Raising Security Concerns
Security researchers have uncovered critical vulnerabilities in Microsoft’s Windows Graphics Device Interface (GDI), potentially allowing remote code execution and information disclosure. Patches have been released, but continuous vigilance is crucial for Windows users.
-
New TEE.fail Side-Channel Attack Compromises Intel and AMD Trusted Execution Environments
A new low-cost physical side-channel attack, TEE.fail, bypasses Intel and AMD Trusted Execution Environments, allowing cryptographic key extraction and subversion of secure attestation, according to researchers. This attack highlights critical vulnerabilities in confidential computing architectures.
-
New Android Trojans BankBot-YNRK and DeliveryRAT Target Financial Data
Cybersecurity researchers have identified BankBot-YNRK and DeliveryRAT, two sophisticated Android trojans actively exfiltrating sensitive financial data and cryptocurrency assets. These threats employ advanced evasion techniques and malware-as-a-service models, with a related trend of NFC misuse for payment data theft.
-
Russian Missile Strikes on Ukraine’s Energy Infrastructure Reach Two-and-a-Half-Year High
Russian missile attacks against Ukraine’s energy infrastructure surged in October, marking the highest monthly total in over two and a half years and signaling an intensified campaign as winter approaches.
-
Ukraine Alleges Rosatom Coordinated Strikes on Nuclear Plant Substations
Ukrainian Foreign Minister Andrii Sybiha alleges that Russia’s Rosatom coordinated drone and missile strikes on substations linked to Ukrainian nuclear power plants, raising severe nuclear safety concerns.
-
Ukrainian Intelligence Operation Pinpoints Over 300 Abducted Children in Russia
Ukrainian intelligence agencies have identified over 300 abducted children in Russia, providing specific names and addresses to support international efforts for their return and to counter Russian denials. This initiative aligns with ongoing international legal actions against war crimes.
-
Ukrainian Intelligence Launches Airborne Special Operation in Pokrovsk
Ukraine’s Main Directorate of Intelligence (ГУР) has launched a significant airborne special operation in Pokrovsk, Donetsk Oblast, targeting areas previously claimed by Russian forces. The mission, reportedly led by GUR head Kyrylo Budanov, follows intense Russian reconnaissance and sabotage efforts in the region since mid-2025, escalating into small-arms combat within the city.
-
TEE.fail: Researchers Break Intel and AMD TEEs via DDR5 Memory Bus Interception
Researchers from Georgia Tech and Purdue have revealed TEE.fail — an attack that breaks Intel and AMD Trusted Execution Environments by physically interposing on DDR5 memory buses, extracting attestation keys and undermining confidential computing protections.
-
What Is Bring Your Own Vulnerable Driver (BYOVD)?
Bring Your Own Vulnerable Driver (BYOVD) is a technique that leverages signed but vulnerable drivers to gain kernel-level access and evade security controls.
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
Cisco Talos and Trend Micro researchers have observed the Qilin ransomware group deploying a Linux payload on Windows systems using a BYOVD technique, marking a hybrid attack blending cross-platform execution with legitimate IT tools.