Breaking 14:20 Google CEO Pichai urges US to lead in AI development 13:50 AI system maps ocean currents hourly using existing weather satellites 12:20 Spring-summer 2026 fashion weeks reveal vibrant color palette 11:42 RAVE token surges 2,000 percent as analysts flag market manipulation 11:20 Bitcoin short squeeze risk rises as open interest nears $25 billion 11:00 US naval blockade of Iranian ports takes effect after failed talks 10:40 Gold falls as Trump Hormuz blockade lifts oil and dollar 10:30 Japan calls for swift US–Iran agreement amid rising regional tensions 10:20 Rockstar confirms data breach as hackers set ransom deadline 10:02 Artemis II crew reflects on iconic ‘Earthset’ photo after return 09:20 Hormuz crisis boosts China clean energy exports as oil flows disrupted 09:00 Apple pulls high RAM Mac mini and Mac Studio amid chip shortage 08:44 Rare comet unseen for 170,000 years now visible to naked eye 08:20 Harvard AI decoder cuts quantum computing errors by up to 17 times 08:00 Oil prices surge while gold falls after announcement of Iranian port blockade 07:50 Chinese crystal sets record in race to build nuclear clocks 07:45 United States and Australia double investment in critical minerals projects 17:00 Trump warns China of steep tariffs over potential military support to Iran 15:00 United States deportation policy sends migrants, including Moroccans, to Costa Rica 14:45 Oman urges the United States and Iran to make “painful concessions” to sustain peace talks

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Basic-Fit data breach exposes personal information of 200,000 members in the Netherlands Technology Basic-Fit data breach exposes personal information of 200,000 members in the Netherlands
Microsoft pauses carbon credit purchases, shaking removal market Environment Microsoft pauses carbon credit purchases, shaking removal market
Software stocks fall as Anthropic withholds powerful AI model Technology Software stocks fall as Anthropic withholds powerful AI model
Big Tech workforce stalls despite over 100,000 layoffs since 2022 Technology Big Tech workforce stalls despite over 100,000 layoffs since 2022

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.