CSOonline

Lack of firmware validation for computer peripherals enables highly persistent attacks

Security researchers have warned for many years that failure to digitally sign and validate the low-level firmware found in computers can lead to damaging compromises that are very hard to detect and ...
Bleeping Computer

OpenWrt Sysupgrade flaw let hackers push malicious firmware images

A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable ...
Bleeping Computer

Firmware Vulnerabilities Disclosed in Supermicro Server Products

Security researchers have uncovered vulnerabilities affecting the firmware of Supermicro server products. Discovered by the Eclypsium team, these vulnerabilities affect both older and newer models of ...