Breaking 13:20 US crude premiums hit record highs as Asia and Europe scramble for supply 13:15 Timeline of Nancy Guthrie abduction case in Arizona 13:00 Bitcoin jumps 3% on Iran ceasefire proposal as short squeeze hits crypto market 12:40 Oil prices ease on ceasefire talks as global energy crisis deepens 12:20 Mazda halts Middle East vehicle production until May as Hormuz closure hits Japanese automakers 12:15 Neurocrine to acquire Soleno Therapeutics for $2.9 billion 11:50 Gulf states near depletion of air defense interceptors as Iran's missile campaign grinds on 11:20 Gulf sovereign funds near $24 billion deal to back Paramount's Warner acquisition 11:15 TSX futures rise as investors monitor US-Iran peace proposal 11:00 Altman tells CEOs to lock in AI capacity now or risk falling behind 10:30 Global equity funds see second week of inflows amid hopes for war de-escalation 10:05 Taiwan secures alternative LNG supply as Hormuz blockade enters second month 09:45 Artemis II pilot delivers Easter message from deep space, calling humanity one people 09:45 Oil prices hover around $110 amid Middle East tensions 09:12 Artemis II crew begins historic lunar flyby, breaking distance records set in 1972 08:45 OpenAI's CFO privately questions Altman's push for a 2026 stock market listing 08:20 Artemis II moonshot and a sci-fi blockbuster put space back in the spotlight 07:50 Artemis II crew tests survival suits ahead of historic lunar flyby 16:01 Trump sets Tuesday deadline for Iran to reopen Strait of Hormuz

Unity fixes critical Android game vulnerability threatening crypto users

Monday 06 October 2025 - 16:50
By: Dakir Madiha
Unity fixes critical Android game vulnerability threatening crypto users

Unity Technologies has released patches addressing a critical security flaw in its engine that posed risks to Android users, particularly those managing cryptocurrency wallets. The vulnerability, tracked as CVE-2025-59489, affected games and applications built with Unity 2017.1 and later.

Vulnerability details

The flaw originates from an “untrusted search path” issue, allowing attackers to manipulate how and where a Unity game loads code. Discovered and responsibly disclosed by researcher RyotaK of GMO Flatt Security Inc., the bug enables a malicious app on the same device to send crafted commands via Android intents. These commands could force a Unity game to load a malicious shared library (.so file), executing code with the game’s privileges.

Since many Android games request broad permissions, such an exploit could allow attackers to access data or interfere with other apps, including crypto wallets.

Industry response and mitigation

Unity has provided updated editor builds and a patching tool. Developers are advised to recompile projects with patched Unity versions or use the Unity Application Patcher for apps that cannot be rebuilt from source. Unity confirmed there is no evidence that the vulnerability has been exploited so far.

Other platform providers and distributors have also responded. Valve (Steam) added protections to detect exploit attempts, while Microsoft updated Defender to flag potential attacks. Google and other companies are coordinating mitigation measures. Some game publishers have patched affected titles or temporarily removed them from distribution to apply fixes.

For users, the immediate advice is to update Android games as patches become available, remove untrusted apps, avoid installing unknown APKs, and, for crypto wallet users, maintain a separate secure environment.

A wake-up call for the ecosystem

The incident underscores how vulnerabilities in widely used engines can have far-reaching impacts, potentially threatening areas like cryptocurrency management that might seem unrelated. The swift response across platforms demonstrates the seriousness with which game developers and security teams treat systemic security risks.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

French AI Minister to attend GITEX Africa 2026 in Morocco Technology French AI Minister to attend GITEX Africa 2026 in Morocco
AI-powered cyberattacks reach a "pivotal moment," experts warn Technology AI-powered cyberattacks reach a "pivotal moment," experts warn
All 7 AI models tested conspired to prevent shutdown of peers, study finds Technology All 7 AI models tested conspired to prevent shutdown of peers, study finds
Microsoft plans $5.5 billion investment in Singapore by 2029 Technology Microsoft plans $5.5 billion investment in Singapore by 2029

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.