#android-security

[ follow ]
#user-safety #oneplus #smsmms-vulnerability #oxygenos #cve-2025-21043 #libimagecodecquramso
#oneplus
more#oneplus
fromZDNET
1 week ago

You should update your Samsung phone ASAP - this zero-day flaw just got patched

Samsung recently issued a patch to resolve a critical vulnerability impacting its Android smartphone users. All impacted phone models will receive the fix, which patches a vulnerability tracked as . The security flaw, issued a critical base score of 8.8 by Samsung Mobile (a CNA), is described as an "out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code."
Gadgets
fromZDNET
1 week ago

Update your Samsung phone ASAP to patch this zero-day flaw exploited in the wild

Samsung has issued a patch to resolve a critical vulnerability impacting its Android smartphone users. All impacted phone models will receive the fix, which patches a vulnerability tracked as . The security flaw, issued a critical base score of 8.8 by Samsung Mobile (a CNA), is described as an "out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code."
Information security
Gadgets
fromTechCrunch
1 week ago

Samsung patches zero-day security flaw used to hack into its customers' phones | TechCrunch

Samsung fixed a zero-day in its image-display library that allowed remote planting of malicious code on devices running Android 13–16.
Information security
fromZDNET
1 week ago

Google may shift to risk-based Android security patch rollouts - what that means for you

Google plans a risk-based Android security update system prioritizing critical actively exploited vulnerabilities while moving lower-risk fixes to less frequent patch cycles.
Information security
fromSecurityWeek
1 week ago

Samsung Patches Zero-Day Exploited Against Android Users

A high-severity out-of-bounds write in Samsung's image parsing library (CVE-2025-21043) was exploited in the wild and is now patched.
fromTheregister
3 weeks ago

Boffins build automated Android bug hunting system

The authors claim that the A2 system achieves 78.3 percent coverage on the Ghera benchmark, surpassing static analyzers like APKHunt (30.0 percent). And they say that, when they used A2 on 169 production APKs, they found "104 true-positive zero-day vulnerabilities," 57 of which were self-validated via automatically generated proof-of-concept (PoC) exploits. One of these included a medium-severity flaw in an Android app with over 10 million installs.
Information security
fromTheregister
3 weeks ago

Android drops 120 flaw fixes, two exploited in the wild

Patch Tuesday is next week, but Android is ahead of the game, dropping its biggest patch bundle this year while attackers actively exploit two of the now-fixed flaws. This month, the world's most popular mobile operating system pushed out 120 patches, its biggest monthly dump this year. It's a far cry from July, when Android didn't issue a single patch as everything was apparently fine, but in September, two of the flaws may be under "limited, targeted exploitation."
Information security
Information security
fromTechCrunch
1 month ago

Google will require developer verification for Android apps outside the Play Store | TechCrunch

Google will require identity verification for developers distributing apps on certified Android devices beyond the Play Store, with phased rollout beginning March 2026.
fromThe Hacker News
1 month ago

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6) by the chipmaker back in June 2025.
Privacy technologies
Mobile UX
fromArs Technica
2 months ago

Android phones could soon warn you of "Stingrays" snooping on your communications

Android phones will soon offer enhanced network security notifications for potential attacks.
Current devices lack the necessary hardware support for detecting fake cell towers.
Newer models releasing later this year will enable detection of malicious network activities.
fromTechCrunch
3 months ago

Phone chipmaker Qualcomm fixes three zero-days exploited by hackers | TechCrunch

Qualcomm's recent patching of vulnerabilities in its chips is critical, especially given the existence of three zero-days that may be actively exploited by hackers.
Tech industry
Privacy technologies
fromZDNET
4 months ago

Your Android phone's latest security upgrade makes it more thief-proof - here's how

Google is enhancing Factory Reset Protection to make Android phones less appealing to thieves.
Privacy technologies
fromTechCrunch
4 months ago

Google announces new security features for Android for protection against scam and theft | TechCrunch

Google announced new security features for Android to enhance user protection against scams and unauthorized device access.
Privacy technologies
fromZDNET
4 months ago

Your Android phone is getting a huge security upgrade for free - what's new

Android devices are enhancing security with new protections against scam calls and malicious actions.
fromForbes
4 months ago

Delete Any Apps On Your Phone That Are On This List

The attackers' payday comes via those advertisers who have no idea their ads are being pushed out at an industrial scale to infected phones.
Games
Marketing tech
fromForbes
4 months ago

Delete Any Apps On Your Phone That Are On This List

Up to 2.5 million dangerous apps are installed monthly on Android devices, posing a significant threat to users.
The 'Kaleidoscope' threat involves fake app replicas that generate ad fraud for cyber criminals.
[ Load more ]