Two news stories have shaken the cybersecurity world. On one side, a vulnerability discovered in a popular gaming speaker shows that a USB-connected device can infect a PC without ever being physically touched. On the other, a former cybersecurity executive turned whistleblower accuses IBM of covering up multiple data breaches for years.
Speaker infected over the air
The Sound Blaster Katana V2X, a highly reviewed soundbar, contains a flaw that allows an attacker to inject malicious code through audio signals transmitted via Bluetooth or audio cable. The attack vector is remote: sending a crafted audio file can execute arbitrary commands on the connected computer. The seller does not consider this a vulnerability, but security researchers stress the issue is real and exploitable. The concrete implication is that even a seemingly harmless peripheral device can become a gateway for attacks such as ransomware or spyware.
IBM accused of covering up breaches
At the same time, a lawsuit filed by a former IBM cybersecurity executive alleges that the company and two subsidiaries suffered several data breaches in the mid-2010s and did not disclose them, instead actively covering them up. The whistleblower claims to have internal evidence showing efforts to conceal the incidents. If the allegations hold, this would be one of the most serious cover-up cases in Big Tech history, with legal and trust repercussions for the entire industry.
While separate, these stories share a common thread: perceived security is often far from real security. A gaming speaker should not be able to compromise a modern operating system, and a giant like IBM should not hide breaches. The lesson for companies and users is clear: cybersecurity must be verified at every level, from peripheral hardware to reporting transparency. Authoritative sources like Ars Technica and TechCrunch have documented both cases.
Sponsored Protocol
