Espressif just published a security advisory (AR2026-006) about a flaw in the ECDSA-based Secure Boot mechanism on four SoCs: the ESP32-H2, ESP32-C5, ESP32-C61, and ESP32-P4. The short version is t...

ESP32-S3 AES Key Recovery Using Voltage Fault Injection Espressif just published a security advisory AR2026-005 about a vulnerability in the ESP32-S3’s general-purpose AES peripheral. An independe...

There’s a question you should be able to answer about your shipping product at any moment: what known vulnerabilities are baked into the firmware running in the field right now? If you can’t answer...

Espressif just published a security advisory (AR2026-001) about a vulnerability in the ESP32-C5’s flash encryption. A researcher from Positive Technologies found a way to bypass the pseudo-round co...

Espressif has released v6.0 as the latest stable release of IDF. It is officially recommended for new https://github.com/espressif/esp-idf/releases/tag/v6.0 This release will be supported through...

Espressif has released v5.5.3 as the latest stable release of IDF. The full changelog can be found here: https://github.com/espressif/esp-idf/releases/tag/v5.5.3 This release will be supported th...

A lot of changes are coming in IDF 6. Here is a look at the ones that are likely to affect your project.

Redefine native IDF API functions to customize behavior without touching the IDF source code.

Add internet access when emulating your ESP32 project in QEMU.

When the ULP crashes, your ESP32 doesn't reboot. So how are you supposed to handle it?