Unity Security Flaw: Developers Urged to Patch Now

A high-severity vulnerability has been disclosed in the Unity game engine, affecting versions from 2017.1 onward on major desktop and mobile platforms. The flaw could allow an attacker to execute malicious code and exfiltrate data from a user's machine through an affected game or application. In response, Unity has urged developers to take immediate action by updating their projects, and some game studios have temporarily removed titles from online stores as a precaution. While there is no evidence of active exploitation, platform partners have deployed mitigations to protect users. Unity has released patched editor versions and a binary patching tool to help developers secure their applications.

Latest mentioned: 10-06

Earliest mentioned: 10-04

Sources

theverge.com thecyberexpress.com

Also Read

WordPress WooCommerce Sites Targeted by Sophisticated Malware

The Wordfence Threat Intelligence Team has uncovered a sophisticated malware campaign targeting WordPress e-commerce sites using the WooCommerce plugin. The malware, disguised as legitimate plugins like 'jwt-log-pro' and 'cron-environment-advanced,' hides malicious payloads inside fake images and evades detection through custom encryption. It logs users with high privileges, intercepts login credentials, and establishes a backdoor for remote command access. The malware is attributed to Magecart Group 12, known for credit card skimming operations. The campaign has compromised over 25,000 IP addresses, primarily in Southeast Asia and North America, with a focus on network video recorders and routers.

10-31Read more →