From Dark Reading – 2 Android Zero-Day Bugs Under Active Exploit
Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware. Read More
Tag CVE-2024-53197
From Cyber Security News – Google Patched Android 0-Day Vulnerability Exploited in the Wild
Google has released its April 2025 Android Security Bulletin, addressing numerous critical vulnerabilities including two zero-day flaws actively exploited in targeted attacks. This marks the third consecutive month that Google has issued emergency patches for actively exploited vulnerabilities, highlighting the…
From Security Week – Android Update Patches Two Exploited Vulnerabilities
[[{“value”:”Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs. The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek.”}]] Read More
From The Hacker News – Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below -
CVE-2024-53150 (CVSS score: 7.8) - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure
CVE-2024-53197 (CVSS score: 7.8) - A privilege escalation flaw in the USB sub-component of Kernel
From Cybersecurity Help – Serbian activist’s phone targeted with Cellebrite zero-day exploit
The exploit is based on a vulnerability in Android’s USB drivers and was initially discovered in 2024. Read More
From Cyber Security News – Android Phone’s Unlocked Using Cellebrite’s Linux USB Zero-day Exploit
Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android phone of a student activist. The attack, which occurred on December 25, 2024, leveraged…
From The Hacker News – Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International.
"The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite," the international non-governmental