Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published.
The term reflects the amount of time that a vulnerable organization has to protect against the threat by patching—zero days. The April updates are available for Android 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Netgear Smart Switches Open to Complete Takeover
September 7, 2021
Three severe Netgear vulnerabilities, codenamed Demon’s Cries, Draconian Fear and Seventh Inferno by the researcher that found them, affect 20 of the company’s managed smart switches and could allow an attacker to take them over. The bugs were patched on Friday with zero technical details made available, but the researcher has now released more details on ...
- REvil ransomware group resurfaces after brief hiatus
September 7, 2021
The operators behind the REvil ransomware group have resurfaced after allegedly closing shop following the widespread attack on Kaseya that caused thousands of victims on July 4. Security researchers said all of the dark web sites for the prolific ransomware group — including the payment site, the group’s public site, the ‘helpdesk’ chat and their negotiation ...
- TrickBot gang developer arrested when trying to leave Korea
September 6, 2021
An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country. The TrickBot cybercrime group is responsible for a variety of sophisticated malware targeting Windows and Linux devices to gain access to victim’s networks, steal data, and deploy other malware, such as ransomware. Seoul’s KBS (via The ...
- East Asian online organised crime group preying on British job seekers
September 6, 2021
An organised group of criminals based in East Asia have defrauded job seekers in the UK and worldwide after getting a scam app on to both the Google and Apple app stores. Working with victims who have tried to track down their scammers, Sky News has learnt they were operating from Cambodia, the Philippines and China, ...
- Norwegian student tracks Bluetooth headset wearers by wardriving around Oslo on a bicycle
September 4, 2021
A Norwegian student who went wardriving around Oslo on a pushbike has discovered that several popular models of Bluetooth headphones don’t implement MAC address randomisation – meaning they can be used to track their wearers. Norwegian state broadcaster NRK revealed Bjorn Hegnes’ findings after helping him analyse Bluetooth emissions from a dozen different models of audio ...
- Analyzing SSL/TLS Certificates Used by Malware
September 3, 2021
Malware has increasingly been making use of encryption to help hide their network traffic in recent years. This makes sense especially when one realizes that ordinary network traffic is increasingly encrypted as well. Google’s own Transparency Report notes that HTTPS traffic now makes up the vast majority of network traffic passed via the Google Chrome ...