LockBit Ransomware Group Data Leak: Implications for Automotive Cybersecurity
May 21, 2025A recent breach of the LockBit ransomware group exposed chat logs, offering a rare inside look at how victims were targeted and extorted. Automotive companies featured prominently among those attacked. We unpack the key findings and outline practical steps that automotive companies can take to block LockBit attacks or similar incidents.
CyberThreat Research LabExposing the Risks: Security Takeaways From a Successful Android OTA Decryption
May 13, 2025By decrypting an Android OTA update to their vehicle’s infotainment system, a researcher gained access to proprietary code. We examine the method that the researcher used and what it means for modern vehicle security.
CyberThreat Research LabInvisible Commands, Real Consequences: AI Prompt Injection in Vehicle Systems
May 2, 2025As AI assistants become standard features in vehicles, new risks like prompt injection are emerging, quietly manipulating systems through seemingly harmless inputs. We explore how attackers could exploit invisible commands in everyday interactions and why securing AI at the input level is critical to automotive safety.
CyberThreat Research LabHitag2 Key Fob Vulnerability: How Attackers Can Clone Keys in Under a Minute
April 15, 2025Hitag2, a legacy key fob system, has long been known to carry security flaws. A recent demonstration showed that it could be cracked in under a minute. We break down how the attack works and why outdated encryption poses serious risks to modern vehicles.
CyberThreat Research LabBreaking Down the Pioneer IVI System 3-Bug Exploit Chain From Pwn2Own Automotive 2024
March 31, 2025We analyze the three-bug exploit chain demonstrated by security researchers against the Pioneer DMH-WT7600NEX IVI system at Pwn2Own Automotive 2024. We map it to the Automotive Threat Matrix and highlight industry best practices for mitigating similar exploits.
CyberThreat Research LabShifting Gears for 2025: The Next Generation of Automotive Cybersecurity Challenges
March 19, 2025As AI, EVs, and SDVs reshape the automotive industry, cyberthreats are evolving in tandem. Drawing from VicOne’s 2025 automotive cybersecurity report, this article offers key insights into the industry’s threat landscape and outlines the strategies automakers need to stay ahead.
CyberThreat Research LabHow Subaru’s IVI System Admin Panel Vulnerability Could Have Enabled Vehicle Tracking and Control
March 13, 2025Security researchers uncovered a vulnerability in Subaru’s in-vehicle infotainment (IVI) system admin panel, enabling unauthorized access to personal information, GPS records, and vehicle controls. We examine the findings and emphasize the need for automotive manufacturers to adopt a security-first approach throughout the vehicle lifecycle.
CyberThreat Research LabSpate of Ransomware Attacks Targets Automotive Industry in Early 2025
February 26, 2025In the first several weeks of 2025 alone, a surge of ransomware attacks hit the automotive industry. We examine recent cases and their broader implications for automotive cybersecurity.
CyberThreat Research LabFrom Pwn2Own Automotive: 2 RCE Vulnerabilities in the Phoenix Contact CHARX SEC-3100 EV Charging Controller
February 7, 2025We discuss the two vulnerabilities discovered in the Phoenix Contact CHARX SEC-3100 EV charging controller at Pwn2Own Automotive 2024, highlighting their impact and possible mitigations.
CyberThreat Research LabPlaying Doom on an IVI System: More Alpine Halo9 Vulnerabilities From Pwn2Own Automotive 2024
January 14, 2025We examine the NCC Group’s two-bug chain during Pwn2Own Automotive 2024, which enabled the team to play Doom on the Alpine Halo9 iLX-F509 IVI system. We underscore the more serious implications once attackers gain root access and recommend countermeasures to mitigate the risks.
CyberThreat Research LabUnder Pressure: Exploring a Zero-Click RCE Vulnerability in Tesla’s TPMS
December 18, 2024We examine a zero-click remote code execution (RCE) vulnerability in Tesla’s tire pressure monitoring system (TPMS), uncovered by Synacktiv researchers at Pwn2Own Vancouver 2024, and highlight its implications for connected vehicle security.
CyberThreat Research LabFrom Pwn2Own Automotive: A High-Severity Zero-Click RCE Bluetooth Vulnerability in the Alpine Halo9 IVI System
December 12, 2024The Pwn2Own Automotive 2024 competition uncovered a high-severity zero-click RCE Bluetooth vulnerability in the Alpine Halo9 IVI system, highlighting the risks of proprietary implementations in connected vehicles. We explore the discovery, exploitation techniques, and key takeaways for securing automotive technologies against emerging threats.
CyberThreat Research Lab