Critical Security Flaw in Subaru Starlink System Exposed Remote Vehicle Access Risk
Researchers uncovered a severe vulnerability in Subaru's Starlink service that allowed unauthorized access to vehicles and customer data across multiple countries. The flaw, which could be triggered using basic customer information, enabled remote vehicle control and access to sensitive personal data.
Critical Security Flaws in Subaru Starlink System Expose Millions of Vehicles to Remote Access
Researchers uncovered vulnerabilities in Subaru's Starlink system that allowed unauthorized access to vehicle locations and remote control functions affecting millions of cars. The flaws enabled tracking of detailed location histories and control of features like door locks and engine start, raising broader privacy concerns in the automotive industry.
Critical Vehicle Security Flaws Net $382,750 in Rewards at Pwn2Own Automotive 2025
Security researchers exposed 16 critical vulnerabilities in automotive systems during Pwn2Own Automotive 2025's opening day in Tokyo, focusing on infotainment systems, EV chargers, and operating systems. Multiple teams successfully demonstrated exploits of charging infrastructure, while a $500,000 Tesla autopilot challenge remained unattempted.
US to Ban Chinese and Russian Auto Tech Over National Security Concerns
The U.S. Department of Commerce announced major restrictions on Chinese and Russian automotive technology, citing cybersecurity risks in modern connected vehicles. The ban targets vehicle connectivity and automated driving systems starting 2027, amid growing concerns about data security and foreign influence.
Volkswagen Data Breach Exposes Location Data of 800,000 EV Owners
A major security breach at Volkswagen's software subsidiary exposed sensitive location data and personal information of 800,000 electric vehicle owners across Europe. The unprotected cloud server leaked precise location tracking data for months, affecting politicians, police fleets and potentially intelligence personnel.
Major Privacy Breach Exposes Location Data of 800,000 VW Group Electric Vehicles
A critical security flaw at Volkswagen's Cariad software unit exposed sensitive GPS coordinates and personal information of hundreds of thousands of electric vehicles across Europe. The breach, which revealed detailed tracking data through an unprotected AWS storage system, affected vehicles from VW, Audi, Seat and Skoda brands.
Security Flaw in Digital License Plates Enables Toll and Ticket Evasion
A critical vulnerability in Reviver's digital license plates allows hackers to modify displayed numbers via smartphone, potentially enabling toll evasion and ticket fraud. The hardware-level flaw affects 65,000 units across the US and cannot be fixed with a software update.