The post The Altman Realignment: Why OpenAI is Considering a “Google-Style” Split to Save Its IPO appeared first on Daily CyberSecurity.

A new rowhammer attack gives complete control of NVIDIA CPUs.

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—­and potentially much more consequential—­territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine. For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings.

“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the papers. “GDDRHammer: Greatly Disturbing DRAM Rows­Cross-Component Rowhammer Attacks from Modern GPUs.” “With our work, we… show how an attacker can induce bit flips on the GPU to gain arbitrary read/write access to all of the CPU’s memory, resulting in complete compromise of the machine.”

Update Friday, April 3: On Friday, researchers unveiled a third Rowhammer attack that also demonstrates Rowhammer attacks on the RTX A6000 that achieves privilege escalation to a root shell. Unlike the previous two, the researchers said, it works even when IOMMU is enabled.

The second paper is GeForge: Hammering GDDR Memory to Forge GPU Page Tables for Fun and Profit:

…does largely the same thing, except that instead of exploiting the last-level page table, as GDDRHammer does, it manipulates the last-level page directory. It was able to induce 1,171 bitflips against the RTX 3060 and 202 bitflips against the RTX 6000.

GeForge, too, uses novel hammering patterns and memory massaging to corrupt GPU page table mappings in GDDR6 memory to acquire read and write access to the GPU memory space. From there, it acquires the same privileges over host CPU memory. The GeForge proof-of-concept exploit against the RTX 3060 concludes by opening a root shell window that allows the attacker to issue commands that run unfettered privileges on the host machine. The researchers said that both GDDRHammer and GeForge could do the same thing against the RTC 6000.

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk.

The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic.

The post Shattering the Memory Wall: Why Anthropic is Betting on a British Startup to Kill the “NVIDIA Tax” appeared first on Daily CyberSecurity.

The post The Great Linux Purge: Why the Kernel is Dumping 27,000 Lines of Code to Stop the AI Vulnerability Deluge appeared first on Daily CyberSecurity.

Apple patched an iPhone notification bug that let deleted messages linger in system storage, closing a privacy gap exposed by an FBI Signal case.

The post Apple Fixes iPhone Bug After FBI Retrieved Signal Messages appeared first on TechRepublic.

Google Pixel users are reporting severe battery drain after recent Android updates, with complaints spanning multiple models and no confirmed fix yet.

The post Google’s Pixel Update Sparks ‘Severe’ Battery Drain Across Multiple Models appeared first on TechRepublic.

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. [...]

The post Command Injection Vulnerability (CVE-2025-29635) Exploited in the Wild appeared first on Daily CyberSecurity.

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs.

The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic.

From the FBI breach to the DarkSword iPhone exploit, these are the biggest cyber attacks and security failures that have shaped 2026 so far.

The post 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable appeared first on TechRepublic.

Android users may be eligible for a payout from Google’s $135 million settlement over background data use. Here’s who qualifies and how to claim.

The post Google $135M Settlement: Millions of Android Users May Qualify for Payout appeared first on TechRepublic.

Apple warns of a new scam targeting millions of iPhone users. Learn the red flags, how it works, and how to protect your account and finances.

The post New Apple Scam Hits Millions of iPhone Users Worldwide, Draining Bank Accounts appeared first on TechRepublic.

Apple is preparing encrypted RCS support for iPhone, a change that could make messaging with Android users more secure and reduce reliance on SMS.

The post ‘Stop Texting’: FBI Warning Drives Apple’s iPhone Messaging Update appeared first on TechRepublic.

The post End of an Era: Linux Kernel 7.1 Finally Bids Farewell to the Iconic Intel 486 appeared first on Daily CyberSecurity.

A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. [...]

NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices.

The post Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads appeared first on TechRepublic.

This is for new routers; you don’t have to throw away your existing ones:

The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.”

More information:

Any new router made outside the US will now need to be approved by the FCC before it can be imported, marketed, or sold in the country.

In order to get that approval, companies manufacturing routers outside the US must apply for conditional approval in a process that will require the disclosure of the firm’s foreign investors or influence, as well as a plan to bring the manufacturing of the routers to the US.

Certain routers may be exempted from the list if they are deemed acceptable by the Department of Defense or the Department of Homeland Security, the FCC said. Neither agency has yet added any specific routers to its list of equipment exceptions.

[…]

Popular brands of router in the US include Netgear, a US company, which manufactures all of its products abroad.

One exception to the general absence of US-made routers is the newer Starlink WiFi router. Starlink is part of Elon Musk’s company SpaceX.

Presumably US companies will start making home routers, if they think this policy is stable enough to plan around. But they will be more expensive than routers made in China or Taiwan. Security is never free, but policy determines who pays for it.

The post The 3GB Compromise: Why Raspberry Pi is Raising Prices and Launching a New “Goldilocks” Model appeared first on Daily CyberSecurity.

The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. [...]