Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.
The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Crooks plant backdoor in software used by courtrooms around the world
May 23, 2024
A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application ...
- LockBit demands $25 million from Canadian pharmacy chain London Drugs after ransomware attack
May 23, 2024
The recent cyber-incident against Canadian pharmacy chain London Drugs was indeed a full-blown ransomware attack, with sensitive data being stolen, and a major ransom being demanded, the company has confirmed. In a statement given to The Register, the company said it had been hit, but stressed it also had no intention of paying the ransom demand. ...
- ShrinkLocker: Turning BitLocker into ransomware
May 23, 2024
The original purpose of BitLocker is to address the risks of data theft or exposure from lost, stolen, or improperly decommissioned devices. Nonetheless, threat actors have found out that this mechanism can be repurposed for malicious ends to great effect. In that incident, the attackers were able to deploy and run an advanced VBS script that ...
- Most recent cyber attacks on water systems won’t be the last, says cybersecurity expert
May 23, 2024
More government agencies are taking steps to shore up their cybersecurity measures. Earlier this week, the Environmental Protection Agency announced it would step up inspections of water facilities that may be vulnerable to cyberattacks. Why are government agencies more at risk when it comes to cyberattacks and operational vulnerabilities? Read more… Source: MSN News Sign up for our Newsletter Related:
- Cyber Signals: Inside the growing risk of gift card fraud
May 23, 2024
Multifactor authentication Security operations In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank account attached to them, which can lessen scrutiny of ...
- Bank of Russia reports rising number of cyber attacks on financial infrastructure
May 23, 2024
The Bank of Russia reported an increase in the number of attacks on suppliers of various IT solutions used in the financial market, the regulator said in its report. “It is particularly noteworthy that attacks on third parties – suppliers of various IT solutions utilized in the financial market – have increased in frequency in 2023. ...

