Automotive Security

AirBorne: Wormable Zero-Click Exploitation of AirPlay Protocol Threatens CarPlay Ecosystems

AirBorne: Wormable Zero-Click Exploitation of AirPlay Protocol Threatens CarPlay Ecosystems

Abstract Oligo Security has identified 23 vulnerabilities—17 assigned CVEs—within Apple’s AirPlay protocol and AirPlay SDK, impacting native Apple devices and third-party implementations, including CarPlay-enabled automotive infotainment systems. Two critical vulnerabilities, CVE-2025-24132 (stack-based buffer overflow) and CVE-2025-24252 (use-after-free), permit wormable zero-click remote code execution (RCE) under certain configurations.

Read More
Advancing Automotive Security: easycore Highlights Innovations at the 31st VDI/VW Automotive Security Conference

Advancing Automotive Security: easycore Highlights Innovations at the 31st VDI/VW Automotive Security Conference

At the 31. VDI/VW-Gemeinschaftstagung Automotive Security / Security und Datenschutz im Fahrzeug von morgen (31st VDI/VW Joint Conference on Automotive Security: Security and Data Protection in the Vehicle of Tomorrow, ), held in Wolfsburg—a hub for automotive innovation—easycore delivered groundbreaking insights under the title “Cryptographic Methods for Automotive Use Cases.” The session spotlighted findings from a collaborative research initiative with Daimler AG, reinforcing easycore’s role as a pioneer in securing next-generation automotive ecosystems.

Read More