Breaking 17:20 Microsoft faces AI monetization doubts as Copilot overhaul raises concerns 16:50 Russia launches 16 Rassvet satellites to rival SpaceX Starlink network 16:20 Oman foreign minister says Iran not responsible for ongoing war 15:50 Sephora tests shopping app inside ChatGPT as AI retail expands 15:40 Foreign investors pull $50 billion from Asian stocks amid war driven volatility 15:20 IEA warns Iran war oil crisis exceeds shocks of the 1970s 14:50 Electric vehicle demand surges as oil prices climb above $100 14:20 Astronomers discover 87 stellar streams reshaping Milky Way research 14:15 US Business activity falls to 11-months low amid Middle East tensions 13:45 NASA shifts strategy from lunar orbital station to moon base 13:15 Marco Rubio to attend G7 meeting in France amid Iran conflict 12:50 Jet fuel prices double as Iran conflict disrupts global aviation 11:20 China expands seabed mapping operations with military implications 11:00 Chinese battery giants gain $70 billion as oil shock boosts EV demand 10:40 Apple sets WWDC 2026 for June with preview of iOS 27 10:20 Russia gold reserves fall to four year low amid budget strain 10:00 Soviet submarine leak and Pacific nuclear dome raise contamination concerns 09:40 Japan signals currency intervention as yen nears 160 per dollar 09:20 AWS Bahrain cloud region disrupted again by drone activity 08:50 Global energy crisis deepens as Hormuz disruption enters fourth week 07:50 Oil prices swing as US Iran signals clash over talks 17:50 Dogecoin longs surge raises risk of liquidation cascade

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Microsoft faces AI monetization doubts as Copilot overhaul raises concerns Business Microsoft faces AI monetization doubts as Copilot overhaul raises concerns
XBOW secures $120 million and integrates AI pentesting with Microsoft Technology XBOW secures $120 million and integrates AI pentesting with Microsoft
French Rugby Federation hit by cyberattack affecting 530,000 members Technology French Rugby Federation hit by cyberattack affecting 530,000 members
Microsoft unveils Project Helix, next generation Xbox with PC gaming support Technology Microsoft unveils Project Helix, next generation Xbox with PC gaming support

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.