Prerequisites for Vulnerability Management in Automotive Cybersecurity in the AI Era
As AI accelerates exploit development, CVSS scores alone no longer suffice. Here's what automotive OEMs and suppliers must prioritize now.
Blog
Copy Fail and DirtyFrag: When Linux Kernel Flaws Become Automotive Cybersecurity Risks
Copy Fail (CVE-2026-31431) exposes how a Linux kernel flaw can impact automotive systems. See the risk, MITRE mapping, and xCarbon response.
VicOne Situational Awareness Report: Cybersecurity in the Automotive, Transportation, and Logistics Sectors in Q1 2026
VicOne recorded 405 automotive cybersecurity incidents in Q1 2026. Ransomware persisted, EV charging incidents tripled, and AI emerged as a new attack surface. This report breaks down the threats by region, domain, and vulnerability type.
AI Supply Chain Attacks Are Here: What Automotive OEMs Need to Know
AI supply chain attacks are no longer theoretical. VicOne's Automotive CyberThreat Research Lab breaks down how attackers are exploiting AI development tooling, why automotive OEMs face elevated exposure, and what security teams should do now.
EV Charging Security Now Demands Infrastructure-Level Thinking
EV charging is an ecosystem risk, not a device problem. Each session connects charger hardware, vehicle systems, apps, and cloud platforms into one attack surface. Pwn2Own Automotive 2026 proved the risk is active: 76 zero-days disclosed, $1,047,000 awarded, and EV chargers from multiple manufacturers successfully exploited. Securing it requires coordinated controls across the full stack.
GlassWorm: When Invisible Code Exposes Gaps in Software Supply Chain Security
With invisible code, decentralized infrastructure, and self-propagation, GlassWorm reveals critical gaps in modern software supply chain defenses — and raises a question that automotive security teams cannot afford to ignore: how secure are the environments used to build the vehicles themselves?
Beyond the Vehicle: Understanding Cyber Risk in Robotaxis
Real-world incidents and underground intelligence reveal how cyber risk in robotaxis extends beyond vehicles to platforms, supply chains, and operations.
Automotive Cyber Risks to Watch: From Zero-Days to AI Backdoors
Modern vehicles face evolving cyber risks, from zero-day vulnerabilities to emerging AI backdoors. Here's what they mean for the future of mobility.
From Bug Bounty to Battlefield: What Pwn2Own Automotive Reveals About Real-World Risk
The Pwn2Own Automotive zero-day vulnerability discoveries highlight expanding attack surfaces, gaps in CVE visibility, and evolving automotive cybersecurity risks.
When Telematics Becomes Intelligence: The Security Implications of AI-Driven Connectivity
When telematics becomes intelligent, vulnerabilities don’t just leak data—they influence operations. Discover how AI amplifies fleet-wide risk and why SDV security must extend beyond the network layer.
At a Crossroads: Automotive Cybersecurity in the Overlap Era
In the 2026 VicOne Automotive Cybersecurity Report, we examine the critical crossroads created by the overlap of legacy platforms, software-defined systems, and AI-driven technologies — and how stakeholders can navigate the path forward.
What Instrument Cluster Testing Reveals About CAN Bus Trust and System Resilience
This article examines how instrument cluster bench testing exposes trust assumptions inherent in CAN-based vehicle architectures. By observing how unauthenticated CAN messages influence cluster behavior, it highlights design considerations that directly impact system resilience, safety, and risk management as automotive connectivity increases.
From On-board AI to Physical AI: Why Automotive Cyber Risk Has Entered a New Era
Modern vehicles are now Physical AI systems, where probabilistic decisions control real-world actions and raise new safety and cyber risks. Securing them requires AI-aware threat modeling, lifecycle governance, and continuous assurance to keep systems safe.