Tag: Security Breach

  • Best GTA 6 Trailer & Leak Search Leads YouTuber to Rockstar Studio

    Best GTA 6 Trailer & Leak Search Leads YouTuber to Rockstar Studio

    Key Takeaway

    – Take-Two Interactive has reaffirmed the November 19th release date for GTA 6.
    – Frustration over minimal communication has led fans to extreme measures, including a YouTuber trespassing at Rockstar North.
    – The YouTuber was questioned by police and warned of legal action, but no arrests were made.
    – Past security breaches include drones near windows and fake IDs used to spy on development.
    – A marketing campaign and new trailer are expected by early summer to address fan concerns.

    Take-Two CEO confirms GTA 6 release date

    Take-Two Interactive CEO Strauss Zelnick recently reaffirmed the November 19th GTA 6 release date. Regardless, minimal communication since the last trailer has frustrated fans. Desperate for leaks, a German YouTuber infiltrated the Rockstar Games studio in Edinburgh. This whole situation has left many people questioning what the company is even doing with its silence.

    YouTubers security breach at Rockstar

    Portuguese site Portal Viciados reported on the act, which is being condemned by many gamers. ÜberGaming filmed its team walking through the revolving doors into Rockstar North. In a brief portion of the video, the YouTubers are seen entering the building. Their security breach was quickly over after being told to leave the premises. It was a pretty dumb move if you ask me, they should of known better.

    The local police arrived soon after, questioning the content creators about their intentions. They asked to see the recordings, warning them they could face legal action for spreading any GTA 6 leaks. Ultimately, the authorities chose not to make any arrests. This outcome seems to have only emboldened some fans who think breaking the law is okay for a video game trailer.

    Justification for the break-in

    ÜberGaming justified the behavior by arguing that the studio has ignored its supporters for too long. The passing of the prior May 26th release date was another disappointment. Instead of premiering the third GTA 6 trailer, the second video remains pinned to the official social media account, with an incorrect launch date. This lack of communication has driven some people to extreme measures, which is not good for anyone.

    Community backlash and safety concerns

    While the channel has its supporters, Redditors have slammed the creators for setting a bad example. Besides the illegality of trespassing, employees fearing for their safety is not a laughing matter. It’s also likely crunch time for the developers. Even if the YouTuber failed to leak any secrets, disruptions could be costly at this point. The community needs to think about the human cost of there actions.

    Security at Rockstar Games is tight, prompting obsessed fans to take creative approaches to spying on the studio. Earlier in 2026, a report emerged of gamers flying drones near windows to capture unreleased footage. Other individuals allegedly created fake IDs to snoop on the progress of the creators. These desperate attempts show how starved fans are for any new information about the game.

    Hope for a marketing campaign

    A marketing campaign should begin by the start of the summer. Hopefully, a new GTA 6 trailer will appear shortly to kick off pre-orders and dispel any doubts about another delay. The games price has not been confirmed, but speculations suggest a $70 USD standard edition with potential collectors editions costing much more. System requirements are also unknown, though the PS5 Pro and Xbox Series X are expected to run it at 60fps.

    Sources
    Tags: , , , ,
  • Sony’s PS5 BootROM Keys Leaked: Unfixable Security Flaw

    Sony’s PS5 BootROM Keys Leaked: Unfixable Security Flaw

    Key Takeaways

    1. The PlayStation 5’s ROM keys were leaked online on December 31, 2025, allowing potential for future jailbreaking by modders and hackers.
    2. The leaked BootROM codes are crucial security measures that verify the authenticity of the PS5 bootloader during startup.
    3. With the keys accessible, modders may decrypt the bootloader and execute unsigned code, but an immediate jailbreak is not expected.
    4. Sony faces significant challenges in securing the PS5, potentially requiring redesigns for future models or recalling existing units, which is costly.
    5. The leak could lead to similar issues as seen with the PS3, such as piracy and cheating, but other security measures still protect the console for now.

    Right at the start of 2026, a major security incident unfolded when the PlayStation 5’s ROM keys were made public online, which could give modders and hackers a chance to jailbreak Sony’s console in the future.

    Understanding the Leak

    As reported by Cyber Sec Guru, the ROM keys of the PlayStation 5 are basically codes found in the PS5’s processor. These keys were leaked online on December 31, 2025, and quickly circulated across various forums and wikis.

    For the typical gamer, this doesn’t mean a jailbreak for the PS5 is happening right away, but for those with more technical skills who enjoy exploring the intricate details of Sony’s hardware and software, things could become much easier.

    The Details of the BootROM Codes

    The specific leak involves BootROM codes, which, in simple terms, are the primary security measures activated when powering on your PS5. These codes check if the bootloader is genuine and has not been altered.

    With these keys now accessible, hackers and modders might be able to decrypt and reverse-engineer the bootloader to understand how the console’s startup process functions, with the ultimate goal of executing unsigned code directly on the device. The troubling aspect is that these bootloader keys are embedded straight into the PS5’s silicon, making it nearly impossible for Sony to implement a straightforward update or patch for millions of consoles.

    Sony’s Challenges Ahead

    It’s probable that Sony would have to redesign the PS5 for any future models or even consider recalling the current ones, which is highly unlikely due to the enormous costs involved.

    Although this leak won’t lead to an instant jailbreak, it does make it easier for homebrew developers. The entire set of PS5 bootloader ROM keys has already been published on the PS5 Developer Wiki, containing hex strings and keyseeds.

    This situation is not Sony’s first encounter with hackers and modders exploiting PlayStation security flaws. During the PS3 era, a mistake in cryptography allowed modders to run homebrew software on the console. This resulted in not just rampant piracy but also cheating in online games like Call of Duty.

    Future Implications

    The leak of the PS5 ROM keys could potentially result in similar challenges in the future, such as hackers executing unsigned code or discovering simpler methods to back up and play pirated PS5 games. However, that would require some time, as other security measures remain intact, even if it opens the gateway to potential homebrew on Sony’s latest gaming console.

    Source:
    Link

     

    Tags: , ,
  • 16 Popular Chrome Extensions, Including Adblock, Hacked in Cyber Attack

    16 Popular Chrome Extensions, Including Adblock, Hacked in Cyber Attack

    Key Takeaways

    1. Over 3.2 million users were at risk due to malicious browser extensions that appeared legitimate but injected harmful scripts and stole information.

    2. The attack involved a supply chain breach, allowing attackers to push harmful updates to trusted extensions without users’ knowledge.

    3. Initial purposes of the affected extensions included ad blocking and screen capturing, but updates introduced unauthorized data theft and ad insertion.

    4. Compromised developer accounts enabled attackers to gain control of extensions, exploiting permissions like ‘host_permissions’ and ‘scripting’.

    5. Users should be cautious about installing new extensions and not rely solely on positive reviews, as traditional security protections may be evaded.

    A significant security incident has put more than 3.2 million users at risk due to a series of harmful browser extensions. These extensions, which appeared to be legitimate, were discovered injecting malicious scripts, stealing user information, and committing search engine fraud. Researchers found that this attack was carried out via a supply chain breach, where attackers gained access to trusted extensions and pushed harmful updates without users being aware of it.

    How the Malicious Extensions Operated

    The affected extensions were initially created for purposes like ad blocking, emoji keyboards, and screen capturing, among others. However, updates added hidden scripts that allowed unauthorized data theft, modifications to HTTP requests, and the insertion of ads into webpages. Users who had previously given permissions to these extensions remained oblivious to these changes, which enabled attackers to manipulate their web activities in real-time. Many security experts have noted that the permissions these extensions required, such as host access and scripting controls, made them especially hazardous.

    List of Affected Chrome Extensions

    The investigation has linked this incident to developer accounts that were compromised. Some developers, without realizing it, transferred control of their extensions to the attackers, who then pushed malicious updates through the official browser extension stores. The attack’s framework seems connected to known phishing tactics. The threat actors exploited permissions like ‘host_permissions’, ‘scripting’, and ‘declarativeNetRequest’ to carry out their scheme.

    Similarities to Past Attacks

    Another alarming factor in this campaign is its similarity to earlier supply chain attacks, where trusted software is used as a vehicle for malware distribution. By using the update mechanisms of browser extensions, attackers can evade traditional security protections.

    Currently, the identified extensions have been taken down from official platforms. Nonetheless, users should be cautious and not depend solely on positive reviews when deciding to install new extensions.

    Source:
    Link

    16 Popular Chrome Extensions, Including Adblock, Hacked in Cyber Attack
    Tags:
  • Authy Data Breach Exposes 33M Phone Numbers

    Authy Data Breach Exposes 33M Phone Numbers

    Twilio, the firm responsible for the two-factor authentication app Authy, has experienced a security breach that exposed 33 million phone numbers linked to Authy accounts due to an unsecured API endpoint.

    Details of the Breach

    On July 1, 2024, Twilio revealed the breach through a blog post. The incident was caused by an “unauthenticated endpoint” that permitted unauthorized access to data linked to Authy accounts. Fortunately, no passwords, two-factor authentication seeds, or other highly sensitive account details were compromised, but phone numbers associated with Authy accounts were exposed.

    Threat and Response

    The hacking group ShinyHunters has been identified as the culprits behind the breach. They have released a file containing the exposed phone numbers on a hacking forum, which has heightened the risk of phishing attacks and SIM swapping. In response, Twilio has secured the vulnerable endpoint and assured users that no other Twilio systems or sensitive data were accessed. Users are encouraged to update their Authy apps to the latest versions (Android v25.1.0 or later, iOS v26.1.0 or later) to boost security.

    Preventive Measures for Users

    Authy users should take the following steps to protect themselves:

    • Update the Authy App: Make sure you are using the latest version, which includes crucial security updates.
    • Enable SIM Lock: Protect your SIM card with a passcode to prevent unauthorized transfers.
    • Beware of Phishing and Smishing: Be vigilant of unsolicited messages or calls asking for login information, as these could be attempts to steal your credentials.
    • Consider a Different Authenticator App: You may also switch to a different 2FA app. Aegis Authenticator is a free-to-use option for Android users.

    Official Statement from Twilio

    Twilio has reiterated its dedication to security and transparency, stating, “We believe that the security of our products and our customer’s data is of paramount importance and when an incident occurs that might threaten that security, we tell you about it.”

    Twilio’s Security Incident Response Team is closely monitoring the situation and will provide updates as necessary. Users experiencing issues with their Authy accounts are urged to reach out to Authy support for assistance.

    Tags: