Breaking 16:20 OpenAI launches a $10 billion joint venture to embed AI in private equity firms 16:00 Wildfires spread across the Northern Hemisphere weeks ahead of schedule 15:38 Iranian supertanker carrying $220 million in crude breaks through US naval blockade 15:20 Bitcoin stalls near $78,000 as Binance logs five days of stablecoin outflows 14:55 Germany maps US potash dependency as potential lever in trade standoff 14:37 Oil shock and Wall Street euphoria put global economy on recession watch 13:42 US backs Lai after surprise Eswatini visit draws sharp rebuke from Beijing 13:20 Dubai airport traffic collapses 66 percent in March as regional war disrupts Gulf aviation 13:03 Rockstar Games developers allege unpaid overtime amid GTA 6 crunch at India studio 11:45 Fifa faces world cup broadcast crisis as India and China deals remain uncertain 11:21 Jet fuel crisis grounds airlines worldwide as Spirit Airlines shuts down operations 11:00 Pakistan facilitates return of Iranian cargo ship crew seized by the United States 10:30 New Mexico seeks changes to Meta platforms in youth harm trial 10:04 United Airlines Boeing 767 strikes lamppost and truck while landing at Newark airport 09:30 AI chipmaker Cerebras targets strong valuation in US IPO push 09:04 Chanel Cruise 2026/27 backstage beauty looks reveal key makeup trends 08:15 German carmakers hit by new US tariff increase 08:00 The Kremlin tightens security around Putin amid fears of internal coup 07:42 Apple tests a streamlined Modular dial for watchOS 27

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

EU recommends member states to avoid using Huawei and ZTE in connectivity infrastructure Technology EU recommends member states to avoid using Huawei and ZTE in connectivity infrastructure
Microsoft launches Agent 365 to manage enterprise AI agents Technology Microsoft launches Agent 365 to manage enterprise AI agents
Google briefly publishes experimental AI app COSMO on Play Store Technology Google briefly publishes experimental AI app COSMO on Play Store
Cognizant to acquire Astreya for about $600 million to boost ai infrastructure strategy Technology Cognizant to acquire Astreya for about $600 million to boost ai infrastructure strategy

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.