Google fixes two actively exploited zero-day vulnerabilities in Android


Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.

The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Cyber crime a big threat to Nigeria’s oil, gas sector

    May 14, 2025

    Nigeria’s strategic oil and gas industry has been urged to beef up its cyber security and avoid massive potential cost to the economy if current measures fail. According to Check Point’s African Perspectives on Cyber Security Report 2024, Nigeria continues to face one of the highest frequencies of cyber attacks in Africa, with organisations being attacked ...

  • France: Daughter of crypto boss escapes Paris kidnap attempt in latest in series of attacks

    May 14, 2025

    Passers-by helped to foil the attempted kidnapping by armed assailants of the daughter and grandson of a French cryptocurrency boss in Paris, in a brazen daytime attack that was caught on camera. The incident prompted Paymium, the Crypto firm owned by the father of the woman targeted, to demand “protections” for companies in France’s cryptocurrency sphere. ...

  • DarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoIt

    May 14, 2025

    In January 2025, Unit 42 researchers identified a series of attacks distributing DarkCloud Stealer. The latest attack chain incorporated AutoIt to evade detection and used a file-sharing server to host the malware. This article explores the chain of events from these recent campaigns and analyzes the characteristics of these attacks. DarkCloud employs multi-stage payloads and obfuscated ...

  • M&S warns shoppers are at risk from scammers after cyber attack

    May 14, 2025

    Marks & Spencer has warned shoppers to be on the lookout for scam calls and emails after hackers stole customer data from its systems. The retailer is this week writing to customers to alert them that personal data have been taken by cyber criminals, including partial credit card details, contact information, dates of birth and order ...

  • Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan

    May 13, 2025

    In July 2024, Trend Micro disclosed the TIDRONE campaign, in which threat actors targeted Taiwan’s military and satellite industries. During their investigation, Trend Micro researchers discovered that multiple compromised entities were using the same enterprise resource planning (ERP) software. This led the researchers to engage with the ERP vendor, through which they uncovered additional details that ...

  • Horabot Unleashed: A Stealthy Phishing Threat

    May 12, 2025

    In April, FortiGuard Labs observed a threat actor using phishing emails with malicious HTML files to spread Horabot, malware that primarily targets Spanish-speaking users. It is known for using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email credentials, harvest contact lists, and install banking ...