Bleeping Computer

OpenWrt Sysupgrade flaw let hackers push malicious firmware images

A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable ...
CSOonline

LogoFAIL attack can inject malware in the firmware of many computers

Researchers have shown how attackers can deliver malicious code into the UEFI of many PCs though BIOS splash screen graphics. Researchers have devised an attack that exploits serious vulnerabilities ...
Bleeping Computer

CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards

Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a ...