GrapheneOS has finally cracked the code for #Motorola devices: unlocking and relocking bootloaders! 🎉 Because nothing screams #innovation like reinventing the wheel. 🔄 Meanwhile, users are too busy trying to decipher if they're on a social network or a failed CAPTCHA test with Mastodon! 🤔
https://grapheneos.social/@GrapheneOS/116160393783585567 #GrapheneOS #Bootloaders #Mastodon #SocialNetwork #HackerNews #ngated
GrapheneOS (@GrapheneOS@grapheneos.social)

@[email protected] It will fully support using other operating systems including users making their own builds of GrapheneOS. It's part of our hardware requirements. We'll likely be able to make hardened builds of firmware and drivers which can be released in an official way for easy builds without needing to extract anything from the GrapheneOS or Motorola OS factory images.


@peteorrall

That enlarges the locus of the problem, unfortunately; as the firmware's CSM could be faulty given that behaviour.

That said, EFI bootstrap instead of PC/AT MBR is the way to go if one can.

@rl_dane has posted some recent war stories when it comes to #FreeBSD 15 and #WiFi. They may or may not help.

#BootLoaders

@peteorrall

Don't get hung up on the message just because it is something that you can see. As I said, it is very likely a red herring.

In fact the system *has* proceeded beyond it. It has done other stuff, printed that bootstrap loader version line, and is now doing something else.

That something else could be reading the firmware memory map using INT 15/E820 or reading ZFS boot information or loading fonts; all three of which happen without printing anything.

#FreeBSD #BootLoaders

@peteorrall

The actual message is not, strictly speaking, an error. It just means that you're bootstrapping the non-EFI way, and your machine's firmware does not adhere to a convention (I believe from DOS+Windows 95 and the 1990s) for marking "not an MBR virus and safe" firmware add-on disc device I/O handlers.

It's unlikely that F000:F0BF is actually unsafe, as that's in (notional) ROM.

This message is very likely a red herring.

#RealMode #IA32 #BootLoaders #FreeBSD

@peteorrall

The odd thing is that the linear address does not match the segmented address.

It's likely not the true cause of your problems, though; but the mismatch might be symptomatic.

#RealMode #80386 #IA32 #BootLoaders

#Microsoft used its #AI-powered #SecurityCopilot to discover 20 previously unknown vulnerabilities in the #GRUB2, #UBoot, and #Barebox #opensource #bootloaders.
GRUB2 (GRand Unified Bootloader) is the default boot loader for most #Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and #IoT devices.
https://www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/ #ITSec

#AI #Microsoft #Security #Copilot discovers 20 #flaws in #Linux #bootloaders

This is what you call a little squabble with one's competitors, using #AI ..

The #AI war has begun...

https://korben.info/ia-microsoft-decouvre-20-failles-bootloaders-grub2.html

Microsoft's Security Copilot AI discovers 20 flaws in Linux bootloaders | Le site de Korben

AI isn't only a nasty thing that's going to put Studio Ghibli out of work. The proof is Microsoft Security Copilot, ...


The North Koreans and Russians have been busy, Insiders abound, and attacker tradecraft continues to evolve!

Catch all this and more in our latest wrap-up of the day's news:

🗞️ https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/

There are a few noteworthy stories to get across - here's the TL;DR to get you up to speed:

🕵️ North Korean Infiltration: This is way bigger than many think. DPRK nationals are landing jobs inside global companies, gaining privileged access ("keys to the kingdom" level!). DTEX reports active investigations in 7% of their Fortune Global 2000 clients, and CrowdStrike notes nearly 40% of their NK-related IR cases involved insiders. They move fast post-hire, pivoting to supply chains and installing RATs disguised as onboarding. Watch out for highly anomalous login behaviour (like days-long sessions!). Rigorous remote hiring checks (camera on, resume checks, comms style) are crucial.

🎣 ClickFix Tactics by Lazarus: The infamous North Korean group is evolving its 'Contagious Interview' campaign (now dubbed 'ClickFake' by Sekoia). They're targeting crypto job seekers (shifting focus to non-tech roles too!) with fake website/document errors ('ClickFix'). These prompt users to run PowerShell/curl commands, dropping the 'GolangGhost' backdoor. Watch out for lures impersonating giants like Coinbase or Kraken. Sekoia has shared YARA rules – definitely worth checking out.

💻 WordPress MU-Plugin Abuse: Bad actors are getting stealthy by hiding malicious code in WordPress "Must-Use Plugins" (wp-content/mu-plugins/). These execute automatically on every page load without activation, making them hard to spot. Sucuri is seeing redirects to fake browser updates, webshell backdoors fetching code from GitHub, and JS hijackers replacing content or links. Keep those instances patched, clean up unused plugins/themes, and lock down admin accounts (MFA!).

Check out what else happened in the past 24 hours, and subscribe to get each edition straight to your inbox:
📨 https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/#/portal/signup

#CyberSecurity #InfoSec #ThreatIntelligence #Hacking #DataBreach #Phishing #Malware #WordPress #NorthKorea #Russia #Ukraine #AI #SecurityCopilot #GRUB2 #Bootloaders #InsiderThreat #DataProtection #CyberAttack #infosecurity #cybersecuritynews #ClickFix

Daily News Update: Monday, April 1, 2025 (Australia/Melbourne)

DPRK actors actively infiltrate global businesses, gaining privileged access and pivoting to 3rd parties. Lazarus adopts "ClickFix" tactics, luring job seekers and targeting non-technical roles. Attackers abuse malicious WordPress mu-plugins, a stealthy technique to inject code into every page.
