Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.
The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
May 11, 2023
An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware ESXi servers. SentinelLabs security researchers observed this rising trend after spotting a rapid succession of nine Babuk-based ransomware variants that surfaced between the second half of 2022 and the first half of 2023. Read more… Source: Bleeping Computer
- Food giant Sysco confirms customer data stolen in cyberattack
May 10, 2023
Sysco detected the data breach in March but believes the threat actor began their attack in January, with business, employee and personal data stolen. Global food distributor Sysco has said that company data has been stolen as a result of a cyberattack earlier this year. The stolen information is believed to include business, customer, employee and personal ...
- After a Cyber Attack: Dos and Don’ts for Higher Education IT Staff
May 10, 2023
For most colleges and universities, it’s a question of when, not if, they will experience a cyber attack. Here are seven key considerations for handling the aftermath of a breach. There is a treasure trove of sensitive and valuable information in higher education information systems that is tantalizing to hackers of all kinds. With networks that ...
- North Korean hackers breached major hospital in Seoul to steal data
May 10, 2023
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details. The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to ...
- New phishing-as-a-service tool “Greatness” already seen in the wild
May 10, 2023
A previously unreported phishing-as-a-service (PaaS) offering named “Greatness” has been used in several phishing campaigns since at least mid-2022. Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots. Read more… Source: Talos
- Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
May 10, 2023
Industrial cybersecurity company Dragos today disclosed what it describes as a “cybersecurity event” after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices. While Dragos states that the threat actors did not breach its network or cybersecurity platform, they got access to the company’s SharePoint cloud service and ...