A new security vulnerability called Krook could have let attackers intercept and decrypt some Wi-Fi traffic. The bug affected Wi-Fi chips from Broadcom and Cypress that are used in devices like phones and laptops, as well as some access points and routers, according to security researchers from antivirus firm ESET. They estimate up to a billion devices could have been vulnerable to Krook.
The good news? Broadcom and Cypress have already released updates to patch the vulnerability, according to ESET. The firm said it also worked with industry groups to make sure potentially affected parties, including device manufacturers, were aware of Krook.
Before patches were issued, ESET researchers said they tested and confirmed that Krook impacted some devices from Amazon, Apple, Google, Samsung, Raspberry and Xiaomi, as well as access points from Asus and Huawei.
Broadcom and Cypress didn't immediately respond to requests for comment.