• Help Net Security

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities ... Read more

• The Hacker News

Enterprise Security / Vulnerability Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the 75 zero-days, 44% of them targeted ente ... Read more

• Google Cloud

Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, ... Read more

• Daily CyberSecurity

A security researcher published a proof-of-concept exploit code for an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to i ... Read more

• Cyber Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has added two significant Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog yesterday, confirming both flaws ... Read more

• TheCyberThrone

The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Linux kernel vulnerabilities, CVE-2024-53150 and CVE-2024-53197, to its Known Exploited Vulnerabilities (KEV) Catalog ... Read more

• Daily CyberSecurity

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after adding two newly discovered Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, co ... Read more

• Dark Reading

Source: Yuen Man Cheung via Alamy Stock PhotoNEWS BRIEFGoogle has patched 62 vulnerabilities in Android, including two zero-days that are actively being exploited in attacks, tracked as CVE-2024-53197 ... Read more

• TheCyberThrone

The April 2025 Android security update is a comprehensive effort by Google to enhance the security of Android devices worldwide. By addressing 62 vulnerabilities, including two actively exploited zero ... Read more

• The Hacker News

Mobile Security / Vulnerability Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-20 ... Read more

• BleepingComputer

Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. One of the zero-days, a high-severity privilege escal ... Read more

• Daily CyberSecurity

The Android operating system utilizes Android Runtime (ART) to execute application code. When a new application is installed, Android employs a tool called dex2oat to process the APK’s .dex files, whi ... Read more

• Dark Reading

Source: Dejan Krsmanovic via Alamy Stock PhotoSerbian law enforcement officials are using a Cellebrite mobile "information extraction" product in tandem with an exploit chain to target dissidents, inc ... Read more

• BleepingComputer

Google has released patches for 43 vulnerabilities in Android's March 2025 security update, including two zero-days exploited in targeted attacks. Serbian authorities have used one of the zero-days, a ... Read more

• Cyber Security News

Google has issued an urgent security alert for CVE-2024-43093 and CVE-2024-50302, two critical Android vulnerabilities actively exploited in coordinated attacks targeting devices running Android 12 th ... Read more

• The Hacker News

Vulnerability / Mobile Security Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exp ... Read more

• Cyber Security News

The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorit ... Read more

• The Register

Infosec In Brief US Defense Secretary Pete Hegseth has reportedly ordered US Cyber Command to pause offensive operations against Russia, as the USA’s Cybersecurity and Infrastructure Security Agency ( ... Read more

• Cybersecurity News

Israeli digital intelligence company Cellebrite offers intelligence gathering and forensic review services to its clients. Additionally, the company provides certain undisclosed zero-day vulnerabiliti ... Read more

• security.nl

Ontwikkelaar van forensische software Cellebrite heeft drie kwetsbaarheden in de usb-kerneldrivers van Android gebruikt voor het ontgrendelen van vergrendelde telefoons, zo meldt mensenrechtenorganisa ... Read more

• Cyber Security News

Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android pho ... Read more

• The Hacker News

Mobile Security / Zero-Day A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amne ... Read more

• BleepingComputer

Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. Cellebrite ... Read more

• The Hacker News

Cybersecurity / Weekly Recap In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one se ... Read more

• TheCyberThrone

CVE-2025-0994 is a serious security vulnerability affecting Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10. This vulnerability can lead to remot ... Read more

• TheCyberThrone

CVE-2025-23419 is a security vulnerability that arises when multiple server blocks in an Nginx configuration share the same IP address and port. An attacker can exploit this vulnerability by using the ... Read more

• TheCyberThrone

BackgroundCVE-2024-56161 is an improper signature verification vulnerability found in the AMD CPU ROM microcode patch loader. This vulnerability enables an attacker with local administrator privileges ... Read more

• TheCyberThrone

On February 5, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog. This addition highlights the critical nature ... Read more

• BleepingComputer

​CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. Tracked as CVE-2024-53104, the security bug was f ... Read more

• Krypt3ia

Date: 2.5.25 Top Headlines Five Eyes Launch Guidance to Improve Edge Device Security Summary: The UK’s leading cybersecurity agency and its Five Eyes peers have produced new guidance for manufacturers ... Read more

• security.nl

Google waarschuwt eigenaren van een Androidtelefoon voor een actief misbruikte kwetsbaarheid in de kernel van het besturingssysteem die via usb is te misbruiken. Updates zijn nu uitgebracht, maar Goog ... Read more

• The Hacker News

Vulnerability / Mobile Security Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulne ... Read more

• BleepingComputer

The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. This high-severity zero-day (tracked as CVE-2024-531 ... Read more