In its April 2025 security update, Google patched 62 vulnerabilities in Android, including two zero-days used in targeted attacks. Among the 62 fixed vulnerabilities, most are high-severity elevation of privilege flaws, and two are zero-day vulnerabilities that hackers can easily exploit.
CVE-2024-43197 is a critical privilege escalation flaw in the Linux kernel’s USB-audio driver for ALSA devices. Authorities in Serbia allegedly used this zero-day exploit, developed by the Israeli digital forensics firm Cellebrite, to unlock seized Android devices.
By infosecbulletin
/ Saturday , May 31 2025
The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
By infosecbulletin
/ Saturday , May 31 2025
New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
By infosecbulletin
/ Saturday , May 31 2025
Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
By infosecbulletin
/ Thursday , May 29 2025
GreyNoise has discovered a campaign where attackers have gained unauthorized access to thousands of internet-exposed ASUS routers. This seems to...
Read More
By infosecbulletin
/ Wednesday , May 28 2025
The rise of online gambling in the country is leading to increased crime and societal issues. In response, the central...
Read More
By infosecbulletin
/ Wednesday , May 28 2025
Cybersecurity researchers recently revealed a coordinated cloud-based scanning attack that targeted 75 different exposure points earlier this month. On May...
Read More
By infosecbulletin
/ Monday , May 26 2025
Recent security research has shown that attackers can weaken zero-trust security frameworks by exploiting a key DNS vulnerability, disrupting automated...
Read More
By infosecbulletin
/ Saturday , May 24 2025
Evaly, a Bangladeshi e-commerce platform, is reportedly facing a major data breach that may have exposed sensitive information of around...
Read More
By infosecbulletin
/ Friday , May 23 2025
A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
By infosecbulletin
/ Friday , May 23 2025
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
The second zero-day vulnerability (CVE-2024-53150) in the Android Kernel is caused by an out-of-bound read issue. If exploited, it enables local attackers to access sensitive information on your phone without any user interaction.
Both zero-days, along with 60 other security flaws, have been fixed in recent security patches. Google’s Pixel devices will receive these updates first, while other Android manufacturers may take longer to implement them.
To ensure your Android phone is safe from hackers, install updates and security patches as soon as they are released.
While 62 vulnerabilities may seem high, they are flaws that have been discovered and fixed. It’s important to keep your phone updated, as hackers target those with outdated software, making it easier for them to exploit these issues.
Within Minute, RamiGPT To Escalate Privilege Gaining Root Access