The Hacker News

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

CISA adds a critical ASUS Live Update vulnerability to its KEV list, citing active exploitation linked to a past supply chain ...

A poisoned Asus utility tool was found online

The vulnerability plagues Asus Live Update, a utility tool that comes preinstalled on many Asus laptops and desktops. It checks Asus servers for updates, and installs them automatically, including ...

CISA flags ASUS Live Update CVE, but the attack is years old

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines ...
SecurityWeek

CISA Warns of Exploited Flaw in Asus Update Tool

CISA warns of attacks exploiting CVE-2025-59374, a backdoor introduced in the Asus Live Update tool in a supply chain attack.