Microsoft has patched a Secure Boot vulnerability discovered by security researchers Binarly, that allowed threat actors to disable security measures and install bootkit malware on most systems. The flaw, tracked as CVE-2025-3052, existed in a legitimate BIOS update utility trusted by most modern UEFI firmware systems. Initially, the vulnerability was believed to affect only one module but was later found to affect 14, all of which have been secured.
Everything we know about the Hasbro hack so far
The toy-maker keeps running thanks to business continuity plans, but nature of attack remains unclear
