Breaking 15:20 European farmers cut crops as Iran war disrupts fertilizer supply 15:00 Tesla completes AI5 chip design with mass production targeted for 2027 14:40 Renewables offset Hormuz crisis as fossil power output falls 14:20 Unitree launches $8,200 humanoid robot globally via AliExpress 14:00 Donald Trump threatens to reconsider trade deal with the United Kingdom 12:40 Gold holds near record as oil slips on US Iran talks hopes 11:00 Washington expands funding for HIV preventive treatment, with Morocco among targeted countries 10:34 Parliament: Aziz Akhannouch details the Moroccan government’s record 10:33 Anthropic draws funding offers valuing AI startup up to $800 billion 09:20 Trump attacks UK energy policy over North Sea drilling ban 09:17 Freight train derailment in North Bergen shuts Route 3 09:01 Honda recalls over 440,000 minivans in the United States over airbag software issue 08:40 James Webb spots massive exoplanet challenging planet formation limits 08:20 Iran war accelerates global shift toward China-led energy future 08:15 American-Kuwaiti journalist detained in Kuwait amid regional tensions 17:20 Oil shock splits forecasts as inflation outlook grows uncertain 17:00 ASML to stop reporting bookings ahead of closely watched earnings 16:40 Alibaba’s Qwen3.6 Plus tops AI benchmark as rivals dispute results 16:20 Amazon to acquire Globalstar in $90 per share satellite deal 16:00 Blood test detects Alzheimer’s risk years before brain scans 15:40 Cocoa prices plunge as global supply rebounds and demand weakens

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Sweden foils pro-Russian cyberattack on thermal power plant News in brief Sweden foils pro-Russian cyberattack on thermal power plant
UK regulators review Anthropic AI model kept out of public release Technology UK regulators review Anthropic AI model kept out of public release
OpenAI memo claims Microsoft limited reach as Amazon demand surges Technology OpenAI memo claims Microsoft limited reach as Amazon demand surges
Basic-Fit data breach exposes personal information of 200,000 members in the Netherlands Technology Basic-Fit data breach exposes personal information of 200,000 members in the Netherlands

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.