InfoSecBulletin Cybersecurity for mankind
Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being actively exploited in targeted attacks.
The company reported two major flaws (CVE-2025-21479 and CVE-2025-21480) identified by the Google Android Security team in late January, and a third serious vulnerability (CVE-2025-27038) was reported in March.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The first two issues are Graphics framework authorization weaknesses that can cause memory corruption through unauthorized GPU command execution. CVE-2025-27038 is a use-after-free vulnerability that also leads to memory corruption when rendering graphics with Adreno GPU drivers in Chrome.
“There are indications from Google Threat Analysis Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 may be under limited, targeted exploitation,” Qualcomm warned in a Monday advisory.
“Patches for the issues affecting the Adreno Graphics Processing Unit (GPU) driver have been made available to OEMs in May together with a strong recommendation to deploy the update on affected devices as soon as possible.”
Recently, the company has fixed several chipset security flaws that could allow attackers to access users’ text messages, call history, media files, and real-time conversations.
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
