VulnHub

Real-time Cybersecurity News

Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles

darkreading

Overview

During the Pwn2Own contest at Automotive World 2026, security researchers successfully exploited multiple vulnerabilities in vehicle infotainment systems and electric vehicle (EV) chargers. These findings raise significant concerns about the security of modern vehicles, which increasingly rely on complex software for functionality. The vulnerabilities could potentially allow attackers to gain unauthorized access to vehicle systems, posing risks to both drivers and passengers. As vehicles become more connected, the implications of these security flaws extend beyond individual cars to broader public safety and privacy issues. Manufacturers must take these findings seriously to protect their customers and ensure the safety of their products.

Key Takeaways

  • Affected Systems: Vehicle infotainment systems, electric vehicle chargers
  • Action Required: Manufacturers should investigate and patch the identified vulnerabilities in their systems.
  • Timeline: Newly disclosed

Original Article Summary

Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.

Impact

Vehicle infotainment systems, electric vehicle chargers

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Newly disclosed

Remediation

Manufacturers should investigate and patch the identified vulnerabilities in their systems.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Malicious Commands in GitHub Codespaces Enable RCE

Infosecurity Magazine

Recent security research has uncovered vulnerabilities in GitHub Codespaces that could allow attackers to execute malicious commands remotely. These flaws can be exploited through specially crafted repositories or pull requests, putting users and organizations that rely on this service at risk. If successfully exploited, attackers could gain unauthorized access to sensitive code or data, leading to potential data breaches or system compromises. This incident emphasizes the need for developers and companies using GitHub Codespaces to remain vigilant and implement necessary security measures to protect their environments. Users are urged to monitor for updates from GitHub regarding this issue.

Feb 5, 2026

Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign

SecurityWeek

Researchers have uncovered a sophisticated scam operation that uses artificial intelligence to clone more than 150 law firm websites. These cloned sites are designed to deceive potential clients into sharing personal information or making payments. The criminals are employing tactics like hiding behind Cloudflare to mask their identities and frequently changing their IP addresses to evade detection. This operation raises serious concerns for anyone seeking legal services online, as unsuspecting users could easily fall victim to these fraudulent sites. It highlights the growing use of AI in cybercrime and the need for increased vigilance from both consumers and cybersecurity professionals.

Feb 5, 2026

Smartphones Now Involved in Nearly Every Police Investigation

Infosecurity Magazine

According to data from Cellebrite, smartphones have become integral to almost every police investigation. This trend emphasizes the growing reliance on digital evidence in law enforcement, as officers increasingly turn to data from mobile devices to solve cases. The information gathered from these devices can include text messages, call logs, location data, and photos, all of which can provide critical insights into criminal activities. The findings suggest that as technology continues to evolve, police methods are also adapting, making digital forensics a key component in modern investigations. This shift raises important questions about privacy and data security, as the line between personal information and investigative needs becomes increasingly blurred.

Feb 5, 2026

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says

SecurityWeek

Italy's government has successfully thwarted a series of cyberattacks linked to Russian sources, aimed at its foreign ministry offices, including one located in Washington, D.C. These attacks were reportedly targeting websites associated with the upcoming Winter Olympics. The Italian Foreign Minister announced the prevention of these incidents, emphasizing the ongoing risks posed by cyber threats in international contexts. This situation underlines the vulnerabilities that governments face, particularly during significant global events like the Olympics. The foiled attacks serve as a reminder of the persistent cyber warfare tactics employed by nation-states.

Feb 5, 2026

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

SecurityWeek

A recent report from Palo Alto Networks reveals that a cyberspy group has successfully targeted governments and critical infrastructure across 37 countries. While the specific origin of these attacks hasn't been confirmed, there are strong indications pointing to China as the likely source. The affected entities include various government agencies and critical infrastructure sectors, which raises significant concerns about national security and the potential for disruption in essential services. The scale of the operation suggests a sophisticated level of planning and execution, highlighting the ongoing risks that nation-states pose in the cyber realm. This incident serves as a reminder for organizations worldwide to bolster their cybersecurity defenses and remain vigilant against such threats.

Feb 5, 2026

Why boards should be obsessed with their most ‘boring’ systems

CyberScoop

Recent cyberattacks have prompted boards of directors to take a closer look at enterprise resource planning (ERP) systems, which are often overlooked but can be vulnerable to significant security threats. A notable example is the cyberattack on Jaguar Land Rover (JLR) in September 2025, which showcased the severe repercussions of such incidents. This attack not only disrupted operations but also highlighted the risks that come with failing to adequately secure these 'boring' systems. As organizations reassess their cybersecurity strategies, it's clear that even the most mundane systems can have catastrophic impacts if left unprotected. Companies are encouraged to prioritize the security of their ERP systems to prevent similar incidents in the future.

Feb 5, 2026