Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.
The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
July 29, 2024
In April 2024, Kaspersky researchers discovered a suspicious sample that appeared to be a new version of Mandrake. Ensuing analysis revealed as many as five Mandrake applications, which had been available on Google Play from 2022 to 2024 with more than 32,000 installs in total, while staying undetected by any other vendor. The new samples included ...
- UK: 48 cyber breaches of utility companies recorded last year, a 586% increase on 2022
July 29, 2024
The number of successful cyber attacks against UK utility companies has risen to 48 in 2023, a 586% increase on the seven cases in 2022, says global specialty (re)insurance group Chaucer. So far these cyber attacks have been largely restricted to the theft of data or ransomware attacks. There have been concerns that cyber attacks designed ...
- Intruders at HealthEquity rifled through storage, stole 4.3M people’s data
July 29, 2024
HealthEquity, a US fintech firm for the healthcare sector, admits that a “data security event” it discovered at the end of June hit the data of a substantial 4.3 million individuals. Stolen details include addresses, telephone numbers and payment data.… The incident began in March but was only detected in June. The company said in a ...
- Millions more victims exposed in debt collection agency data breach
July 29, 2024
It seems that the data breach at the debt collection agency Financial Business and Consumer Solutions (FBCS) was a lot bigger than initially thought. After first reporting some 1.9 million victims, the company now says that more than 4.2 million were actually affected. In late April, it was reported that FBCS suffered a cyberattack two months ...
- Georgia: Columbus hit by data breach, officials say not considered ransomware incident
July 29, 2024
Columbus experienced a data breach last Wednesday, the same day as an internet outage, city officials say. The only information believed to have been accessed are employees’ names, work emails and passwords, according to Mike Richardson, the city’s director of security and risk. He said no employee’s personal financial information was compromised. All employee passwords were ...
- Northern Ireland: Man arrested in connection with PSNI data breach
July 29, 2024
Detectives investigating criminality linked to the PSNI data breach have arrested a 54-year-old man. Data relating to all 9,483 PSNI officers and staff was mistakenly included in a spreadsheet published online last August in response to a freedom of information request. The list included the surname and first initial of every employee, their rank or grade, ...

