Chipmaker giant Qualcomm released patches on Monday fixing a series of vulnerabilities in dozens of chips, including three zero-days that the company said may be in use as part of hacking campaigns.
Qualcomm cited Google’s Threat Analysis Group, or TAG, which investigates government-backed cyberattacks, saying the three flaws “may be under limited, targeted exploitation.” According to the company’s bulletin, Google’s Android security team reported the three zero-days (CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038) to Qualcomm in February.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- CouchPotato: CIA Hacking Tool to Remotely Spy On Video Streams in Real-Time
August 10, 2017
After disclosing CIA’s strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak, revealing CIA’s ability to spy on video streams remotely in real-time. Dubbed ‘CouchPotato,’ document leaked from the CIA details how the CIA agents use a remote tool to stealthy collect RTSP/H.264 video streams. Real Time Streaming Protocol, or RTSP, ...
- SAP Patch Tuesday Update Resolves 19 Flaws, Three High Severity
August 9, 2017
SAP released 19 patches on Tuesday, fixing a trio of vulnerabilities marked high severity in its business management software. The most pressing fixes are for a directory traversal vulnerability in the company’s Netweaver AS Java Web Container, a code injection vulnerability in its Visual Composer design tool, and a cross-site AJAX request vulnerability in its BusinessObjects suite of applications. The ...
- Self-Driving Cars Can Be Hacked By Just Putting Stickers On Street Signs
August 8, 2017
Car Hacking is a hot topic, though it’s not new for researchers to hack cars. Previously they had demonstrated how to hijack a car remotely, how to disable car’s crucial functions like airbags, and even how to steal cars. But the latest car hacking trick doesn’t require any extra ordinary skills to accomplished. All it takes is a simple sticker onto ...
- Exploits Available for Siemens Molecular Imaging Vulnerabilities
August 4, 2017
Siemens is readying patches for a number of vulnerabilities in its molecular imaging products, including some where public exploits are available. Advisories published Thursday by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) indicate that the flaws are remotely exploitable. “Siemens is preparing updates for the affected products and recommends protecting network access to the Molecular ...
- Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug
August 3, 2017
Cisco fixed 15 vulnerabilities this week in more than a dozen products, including two high severity vulnerabilities that could have let an attacker trigger a denial of service condition or bypass local authentication. The more severe bugs fixed on Wednesday exist in the company’s Identity Services Engine and its Videoscape Distribution Suite. The bypass, which exists ...
- IBM Patches Reflected XSS in Worklight, MobileFirst
August 2, 2017
BM fixed a cross-site scripting vulnerability in two products last month that could have let an attacker execute malicious JavaScript code in a victim’s browser to steal sensitive information, or user credentials. The vulnerability (CVE-2017-1500) lingered in the products, Worklight and MobileFirst, for almost a year. Gabriele Gristina, a security consultant for the Italian information security ...