Hackers Love Asus Live Update: A Comedy of Errors in Cybersecurity!

Hackers are exploiting a vulnerability in the now-defunct Asus Live Update utility, warns CISA. The flaw, CVE-2025-59374, is linked to Operation ShadowHammer, a supply chain attack by Chinese state-sponsored hackers. CISA advises discontinuing use of the utility, urging immediate action from federal agencies.

3P
Published: December 18, 2025 1:35 pmAdded: December 18, 2025 at 5:47 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that updating your Asus device could be your Achilles’ heel? In the grand tradition of surprise plot twists, your favorite utility has turned into an unintentional spy, courtesy of a shadowy alliance of hackers and discontinued software. Buckle up, Asus users, your firmware might be having a secret rendezvous with APT41!

Key Points:

  • CISA warns of a critical Asus Live Update vulnerability, known as CVE-2025-59374, with a high CVSS score of 9.3.
  • The vulnerability stems from a sophisticated supply chain attack called Operation ShadowHammer by Chinese state-sponsored hackers.
  • Over 1 million users potentially affected, but hackers targeted only 600 specific devices.
  • Asus discontinued the Live Update utility but recommends updating to version 3.6.8 or higher.
  • Federal agencies have been given a three-week deadline to identify and address vulnerable products.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?