Ransomware Can Now Infect Your Processor - 1

Image by Joseph Greve, from Unsplash

Ransomware Can Now Infect Your Processor

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

A cybersecurity expert has revealed that ransomware can now be installed directly onto a computer’s CPU, bypassing nearly all traditional forms of protection.

In a rush? Here are the quick facts:

  • Ransomware can now run directly from CPU microcode, bypassing all defenses.
  • Expert Christiaan Beek developed a working proof-of-concept.
  • Industry focus on AI overlooks core cybersecurity hygiene.

Christiaan Beek, a senior threat analyst at Rapid7, demonstrated a proof-of-concept (PoC) that hides ransomware in a chip’s microcode—the low-level code that controls processor behavior, as first reported by The Register .

The idea came from a serious vulnerability in AMD’s Zen processors, first uncovered by Google researchers. The flaw allowed attackers to replace the CPU’s random number generator with malicious code that always selects the number 4, as reported by The Register.

“Coming from a background in firmware security, I was like, woah, I think I can write some CPU ransomware,” Beek told The Register. Beek stated that he tested this method himself, and worked.

Although Beek has no intention of releasing the code, he described the breakthrough as “fascinating.” He warned that once ransomware reaches the CPU level or firmware, it can completely bypass antivirus software, firewalls, and other standard security tools.

The Register notes that tis type of threat isn’t just theoretical. Criminals have already been developing similar techniques. Leaked 2022 chat logs from the Conti ransomware gang revealed developers were working on ransomware that infects UEFI firmware—software that loads before the operating system.

Beek criticized the industry’s focus on trendy tech like AI and machine learning while basic security flaws go unaddressed. “We should not be talking about ransomware in 2025—and that fault falls on everyone,” he said to The Register.

“It’s a high-risk vulnerability, or a weak password, or we haven’t deployed multi-factor authentication. That is frustrating,” he added.

His message to companies is clear: focus less on buzzwords and more on cybersecurity basics. Otherwise, the threats will only get worse.

Nintendo Warns It May Brick Hacked Switch Consoles - 2

Image by Yasin Hasan, from Unsplash

Nintendo Warns It May Brick Hacked Switch Consoles

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Nintendo added a new warning to its user agreement which states that console modification or hacking could result in permanently disabling your Switch console.

In a rush? Here are the quick facts:

  • Nintendo updated its user agreement in May 2025.
  • Hacked Switch consoles may be permanently disabled.
  • New terms apply to both Switch and Switch 2.

The new terms which Nintendo introduced in May 2025 apply to all Nintendo Account Services, including games, downloads, and online access, for both current and future Switch models, as noted by Ars Technica .

The updated rules say users may not “bypass, modify, decrypt, defeat, tamper with, or otherwise circumvent” any system functions or protections, as reported by Game File .

Game File reported that Nintendo now states:

“You acknowledge that if you fail to comply with the foregoing restrictions Nintendo may render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part.”

Ars Technica explains that using third-party flash cards or installing unauthorized game copies would result in console bricking, which makes the device completely unusable.

The company has already banned online access for hacked consoles, but this new language indicates Nintendo could now disable consoles even when they are offline. It’s unclear how they would do this, or if users could fix affected devices, as reported by Ars Technica.

The EULA also allows Nintendo to suspend a user’s access before a violation occurs, if it has “a reasonable belief such a violation… will occur.” The company says this may be necessary “to prevent harm to other users or the Nintendo Account Services,” noted Ars Technica.

The change comes at a time when emulator use and piracy are hot topics in gaming. The warning appears to be a direct response to growing concerns over unauthorized game use and hacking.