A weekly security roundup covering several notable threats and fixes. A new Rowhammer-style attack targets GDDR6 GPU memory, enabling memory manipulation via the PCI bus. McAfee uncovered the NoVoice Android malware campaign hiding in 50+ Play Store apps using polyglot PNG files and a modified Facebook SDK, targeting older unpatched devices to steal WhatsApp data. Flatpak 1.16.4 and xdg-desktop-portal 1.20.4 patch critical sandbox escape and arbitrary file access vulnerabilities. Minnesota's Winona County called in the National Guard after a second ransomware attack this year. TP-Link and MikroTik routers are being exploited by Russian state actors for DNS hijacking to steal corporate credentials. A malware campaign on 3D printing model sites abused Blender's Python scripting to execute malicious code. Finally, CISA warns of Iranian state-sponsored attacks on industrial PLC/SCADA systems, drawing parallels to historical attacks like Stuxnet and the Ukrainian power grid incidents.
Table of contents
NoVoice Android MalwareFlatpak and XDG FixesMinnesota RansomwareRouter Hacks Redirect DNSMalware on 3D Printer ReposPLC takeoverSort: