Google fixes two actively exploited zero-day vulnerabilities in Android


Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.

The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • New MidgeDropper Variant

    September 12, 2023

    One of the most exciting aspects of malware analysis is coming across a family that is new or rare to the reversing community. Determining the function of the malware, who created it, and the reasons behind it become a mystery to solve. The previously unseen dropper variant FortiGuard Labs researchers recently found, named MidgeDropper, has ...

  • Redfly: Espionage Actors Continue to Target Critical Infrastructure

    September 12, 2023

    Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Symantec calls Redfly used the ShadowPad Trojan to compromise a national grid in an Asian ...

  • Malware distributor Storm-0324 facilitates ransomware access

    September 12, 2023

    The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool ...

  • NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

    September 12, 2023

    Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats, techniques, and trends. Threats from synthetic media, such as deepfakes, have exponentially increased—presenting a growing challenge for ...

  • Unusually low 5 critical vulnerabilities included in Microsoft September Patch Tuesday, along with two zero-days

    September 12, 2023

    Microsoft disclosed 65 vulnerabilities across its suite of products and software Tuesday, only five of which are considered critical, which is very low compared to Microsoft’s usual security updates. However, there are two issues disclosed and patched this month that have already been exploited in the wild. Fifty-six of the vulnerabilities included in this month’s Patch ...

  • MGM Resorts Slot machines go down in cyber-attack on firm

    September 12, 2023

    Customers have reported problems with slot machines and online room booking systems following a cyber-attack on casino and hotel giant MGM Resorts. Certain systems were shut down due to a “cyber-security issue”, the firm said. But it added that its facilities remained “operational”. One customer at the MGM Grand in Las Vegas said she had walked ...