Arm is bringing custom instructions to its Cortex-M processors. The overall security of these processors will depend on how these instructions are actually implemented.
A new attack that exploits a weakness in the DDIO feature of some Intel chips can leak sensitive data, including SSH keystrokes.
Like the earlier Meltdown and Spectre class of bugs, the new side-channel attacks ZombieLoad, RIDL, and Fallout take advantage of weaknesses in the processor's speculative execution feature to harvest secrets from system memory.
Researchers from NCC Group developed an attack that can pull private keys from the hardware-backed keystore in some Qualcomm chips.
Supply chain attacks are scary, but there are plenty of other hardware-based issues organizations should be worrying about before they have to panic about the complex malicious implants in their servers.