The US cybersecurity agency CISA warns that hackers are exploiting a critical vulnerability in the discontinued Asus Live Update utility, linked to Operation ShadowHammer and the Chinese state-sponsored hacking group APT41. More than 1 million users could be affected, but only around 600 specific devices were targeted.
Keypoints
- The vulnerability CVE-2025-59374 allows malicious code to be embedded in the Asus Live Update utility.
- The attack originated from a supply chain compromise involving a backdoor injected into the utility.
- Only a small number of devices were of interest to the attackers, despite the utility's wide distribution.
- Asus has discontinued support for the utility but recommends updating to version 3.6.8 or higher for security.
- CISA has added CVE-2025-59374 to the Known Exploited Vulnerabilities catalog and urges agencies to act.
Read More: https://www.securityweek.com/cisa-warns-of-exploited-flaw-in-asus-update-tool/