Breaking 11:50 Canadian dollar rises against European currencies as oil prices surge 10:50 Investors keep buying emerging market ETFs despite sharp market selloff 10:20 Sony ends PC releases for major single player PlayStation games 09:50 Forty years of data reveal subtle shifts inside the Sun 09:20 Trump threatens Spain over base access as NATO allies split on Iran war 08:50 US says it is nearing total control of Iranian airspace 08:20 Jupiter-bound spacecraft captures striking images of interstellar comet 3I/ATLAS 07:50 US and Venezuela probe secret oil contracts signed under Maduro 07:20 Iran death toll passes 1,000 as Senate backs Trump war powers 07:00 Gold plunges as surging dollar dominates safe haven demand 15:45 Americans debate viral calls to send Trump’s son to Iran war 15:20 Trump says Starmer is “not Churchill” over UK stance on Iran strikes 15:13 Germany rules out troop deployment to Eastern Mediterranean amid regional tensions 14:31 Middle East Airlines adds extra Istanbul flights amid regional airspace disruptions 14:20 Gold plunges as surging dollar outweighs Middle East war premium 14:00 Greenland fishers struggle as Arctic warming melts vital sea ice 13:20 Bitcoin tops $71,000 as short squeeze fuels rebound after Iran crisis 12:50 Tanker traffic falls to zero in Strait of Hormuz amid Iran threats 12:40 India LNG importer declares force majeure as Qatar gas shutdown spreads 12:30 US-Spain tensions rise as European Union signals readiness to defend its interests 12:20 US expands evacuations from Saudi Arabia and Oman after Iran strikes diplomatic sites 12:00 EDP chief says Middle East war boosting demand for renewable energy

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Helion reaches 150 million degrees in private fusion milestone Technology Helion reaches 150 million degrees in private fusion milestone
L’UE approuve le rachat de Wiz par Google pour 32 milliards de dollars Technology L’UE approuve le rachat de Wiz par Google pour 32 milliards de dollars
Iran arrests reformist leaders as Khamenei calls for unity Politics Iran arrests reformist leaders as Khamenei calls for unity
Norway confirms Chinese Salt Typhoon hackers breached national networks Technology Norway confirms Chinese Salt Typhoon hackers breached national networks

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.