Google has released its monthly Android security updates, addressing 46 vulnerabilities, including one that has been actively exploited. CVE-2025-27363 (CVSS score: 8.1) is a high-severity vulnerability in the System component that allows local code execution without needing extra privileges.
“The most severe of these issues is a high security vulnerability in the System component that could lead to local code execution with no additional execution privileges needed,” Google said in a Monday advisory. “User interaction is not needed for exploitation.”
CVE-2025-27363 originates from the FreeType open-source font rendering library. Facebook first reported its exploitation in the wild in March 2025.
A flaw in FreeType versions prior to 2.13.0 allowed out-of-bounds writes when parsing TrueType GX and variable font files, potentially leading to code execution. This issue has been fixed in versions above 2.13.0.
“There are indications that CVE-2025-27363 may be under limited, targeted exploitation,” Google acknowledged in its security bulletin. The exact specifics of the attacks are presently unknown.
Google’s May update fixes eight issues in the Android System and 15 in the Framework module that could allow privilege escalation, information disclosure, and denial-of-service attacks.
“Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform,” the company said. “We encourage all users to update to the latest version of Android where possible.”