With the increasing prevalence of open-source implementations and the expansion of personal computing device usage to include mobile and non-PC devices as well as traditional desktops and laptops, ...

Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and install bootkit malware. The flaw affects nearly ...

Against the backdrop of the debacle that mitigating the BlackLotus bootkit has become, the Cybersecurity and Infrastructure Security Agency (CISA) is calling for revamped security for Unified ...

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...

Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating ...

A vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified Extensible Firmware Interface (UEFI) devices.

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...

After testing the waters for years, Microsoft has launched its first service, Azure Cloud Switch, that's based on Linux. Read now Tail OS, an operating system optimized for privacy and anonymity, has ...

The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. A rare Windows UEFI bootkit malware has been discovered, offering ...

A recently patched security vulnerability in Unified Extensible Firmware Interface (UEFI) systems could allow attackers to bypass Secure Boot protections and compromise system safety during the boot ...