Microsoft has fixed a known issue preventing Linux from booting on dual-boot systems with Secure Boot enabled after installing the August 2024 Windows security updates. Microsoft has released a ...

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...

Secure Boot has been a core part of PC motherboards for more than a decade -- MSI needed to be reminded of that. A security researcher recently discovered that MSI has released more than 300 ...

Why it matters: Secure Boot is a technology designed to protect the PC boot chain and avoid running a tampered operating system. A firmware update released by MSI, however, changed the feature ...

Arm devices are everywhere today and many of them run Linux. The operating system also powers cloud computing and IT environments all over the world. However, x86 is still the dominant architecture of ...

ESET Research has discovered new ransomware samples, which it has named HybridPetya, resembling the infamous Petya/NotPetya malware. They were uploaded to VirusTotal in February 2025. HybridPetya ...

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems. BlackLotus is the first ...

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced ...

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...

The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window hasn’t gone unnoticed by threat actors.