Researchers Expose New Supply Chain Threat to Confidential Computing At Black Hat Europe this week, security researchers from Belgium’s KU Leuven University revealed a critical vulnerability in confidential computing technologies, demonstrating how a low-cost hardware attack could bypass protections in Intel SGX and AMD SEV. Confidential computing relies on hardware-based enclaves—such as Intel’s Software Guard Extensions (SGX) and AMD’s Secure Encrypted Virtualization (SEV)—to encrypt and isolate sensitive data in memory, shielding it from privileged attackers and physical threats like cold boot attacks. These technologies are widely used in cloud environments to secure workloads. However, researchers Jesse De Meulemeester and Jo Van Bulck developed a custom $50 DDR4 interposer—a hardware device inserted between memory modules and the motherboard—that manipulates memory address mapping. By exploiting this flaw, the attack tricks the processor into granting unauthorized access to encrypted memory regions, even on fully patched systems. The findings highlight a new supply chain risk, as the attack could be deployed during manufacturing or distribution without detection. The demonstration underscores persistent challenges in securing hardware-based encryption, particularly against physical tampering, and raises concerns about the long-term resilience of confidential computing frameworks.

A newly discovered class of vulnerabilities in Intel processors, termed Branch Predictor Race Conditions (BPRC), allows attackers to systematically extract sensitive data from the cache and random-access memory (RAM) of other users sharing the same hardware. Affecting all Intel processors released in the past six years-including those in consumer devices and cloud server infrastructure-the vulnerability exploits speculative execution technologies designed to accelerate computational performance. Researchers from ETH Zurich’s Computer Security Group (COMSEC) demonstrated that malicious actors could leverage BPRC to bypass privilege barriers at the processor level, achieving unauthorized readouts of memory contents at rates exceeding 5,000 bytes per second. This flaw poses acute risks for multi-tenant cloud environments, where shared hardware resources amplify the potential for cross-user data breaches. Speculative Execution and Its Inherent Security Trade-Offs Modern processors employ speculative execution to predict and precompute likely instructions, reducing latency in program execution. By anticipating branches in code execution paths, such as conditional statements, CPUs can maintain computational throughput even during delays caused by data fetches from slower memory systems. However, this performance optimization creates side channels that attackers can exploit. ETH Zurich’s Kaveh Razavi, head of COMSEC, notes that speculative technologies “fundamentally undermin

A security researcher, Eaton Z, discovered critical vulnerabilities in Intel’s internal portals, including a business card login system that could be manipulated to bypass authentication. By exploiting weak verification mechanisms, the researcher accessed a 1GB data file containing personal details of over 270,000 Intel employees, including names, roles, managers, addresses, and phone numbers. The breach extended beyond a single system, with three additional Intel websites (Product Hierarchy, Product Onboarding, and a supplier portal) found to have hardcoded, easily decryptable credentials, enabling unauthorized access. The exposed data poses severe risks, such as identity theft, phishing, and social engineering attacks, while also undermining Intel’s reputation in digital trust. Despite reporting the flaws in October 2024, Intel only patched them by February 2025 and denied bug bounty compensation, citing program exclusions. The incident highlights how basic application design oversights—rather than sophisticated cyberattacks—can lead to large-scale internal data leaks, with potential long-term operational and security repercussions.

The links to the source code leak for the Intel UEFI BIOS of Alder Lake CPUs was recently posted by a Twitter user named 'freak'. The leak contained 5.97 GB of files, source code, private keys, change logs, and compilation tools, with the latest timestamp on the files being 9/30/22, likely to be the time when a hacker or insider copied the data. However it is still not confirmed that the source code was stolen during a cyberattack or leaked by an insider.

The Iranian ransomware-as-a-service operation, Pay2Key.I2P, reemerged after a five-year hiatus, targeting organizations in the US and Israel. The group, linked to the Iranian government-backed Pioneer Kitten, has a history of targeting Israeli companies, including Intel's subsidiary Habana Labs. In late 2020, Pay2Key claimed to have stolen 53GB of data from Habana Labs, threatening to leak it. The group's updated ransomware now includes capabilities from Mimic ransomware, posing a significant threat to organizations' data security.

Intel experienced a data breach that resulted in an online leak of 20GB of internal documents. Many files are marked confidential or restricted secret. The leaked files contained Intel intellectual property respective to the internal design of various chipsets. The files contained technical specs, product guides, and manuals for CPUs dating back to 2016.