Google fixes two actively exploited zero-day vulnerabilities in Android


Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.

The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Foreign spy conducts cyberattacks against China’s defense, high-tech firm

    November 27, 2023

    China’s Ministry of State Security (MSS) disclosed a new case on Monday of foreign espionage activities involving the recruitment of a Chinese software developer who provided “technical services.” This spy agency used “poisoned” software to conduct cyberattacks and steal secrets from dozens of China’s defense and high-tech enterprises. Wang, a Chinese engineer in the network technology ...

  • The Dark Side of AI: Large-Scale Scam Campaigns Made Possible by Generative AI

    November 27, 2023

    Generative artificial intelligence technologies such as OpenAI’s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space. Read more… Source: Sophos  

  • New ransomware-as-a-service caters to cybercriminals with commercial expansion

    November 23, 2023

    New evidence suggests that the popular Play ransomware is now being rented out to cybercriminals. Known as ransomware-as-a-service (RaaS), cybercriminals can pay to use the malware itself alongside the infrastructure needed to pull off an attack.This is a relatively new phenomenon and can provide a steady stream of revenue for malicious cyber gangs. Read more… Source: MSN News  

  • Q3 2023 in Review: DDoS Attacks Report by StormWall

    November 23, 2023

    StormWall researchers observed that attacks have grown by 43% compared to Q3 2022. Over the past quarter, and according to the analysis conducted by the team, there have been three main trends affecting the surge in DDoS attacks: The number of multi-vector attacks has increased There’s been a significant spike in attacks that target multiple protocols or ...

  • Israel-Hamas war spotlight: Shaking the rust off SysJoker

    November 23, 2023

    Amid tensions in the ongoing Israel-Hamas war, Check Point Research has been conducting active threat hunting in an effort to discover, attribute, and mitigate relevant regional threats. Among those, some new variants of the SysJoker malware, including one coded in Rust, recently caught our attention. Check Point assessment is that these were used in targeted attacks ...

  • HrServ – Previously unknown web shell used in APT attack

    November 22, 2023

    In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for client communication and in-memory execution. Kaspersky analysis of the sample led to the discovery of related variants compiled in 2021, indicating a potential correlation between ...