Breaking News
Two serious zero-day bugs in Android, discovered by Google’s Benoît Sevens and Amnesty International, have been fixed by Google after hackers were found exploiting them in real-world attacks.
Millions of Android users were unknowingly exposed to serious security threats due to two newly discovered Android zero-day vulnerabilities that were actively exploited before Google issued a fix. These high-risk bugs—CVE-2024-53197 and CVE-2024-53150—highlight growing concerns over Android OS security in 2025.
The first flaw, CVE-2024-53197, was part of a dangerous three-bug chain reportedly used by phone-cracking company Cellebrite to spy on a Serbian activist. This zero-day exploit in Android was uncovered by Amnesty International and Google’s Threat Analysis Group (TAG) researcher Benoît Sevens.
The second vulnerability, CVE-2024-53150, was found deep within Android’s kernel, the core of the operating system. Though technical details remain limited, the depth of this flaw signals the potential for serious misuse. Both bugs allowed remote code execution without requiring any user action—meaning attackers could breach devices silently.
Until Google rolled out the Android security update, affected devices were wide open to exploitation. The Google security patch came only after targeted attacks had already been reported, raising concerns about Android user data breaches and the need for faster response times to such threats.
These incidents are a stark reminder of the evolving Android security threats in 2025 and the importance of keeping your device updated. Users are urged to install the latest updates immediately and remain cautious, especially when vulnerabilities can be used without any user interaction.
As Android becomes more deeply integrated into daily life, proactive and timely updates are crucial to protect against increasingly sophisticated cyberattacks.
The first flaw, CVE-2024-53197, was part of a dangerous three-bug chain reportedly used by phone-cracking company Cellebrite to spy on a Serbian activist. This zero-day exploit in Android was uncovered by Amnesty International and Google’s Threat Analysis Group (TAG) researcher Benoît Sevens.
The second vulnerability, CVE-2024-53150, was found deep within Android’s kernel, the core of the operating system. Though technical details remain limited, the depth of this flaw signals the potential for serious misuse. Both bugs allowed remote code execution without requiring any user action—meaning attackers could breach devices silently.
Until Google rolled out the Android security update, affected devices were wide open to exploitation. The Google security patch came only after targeted attacks had already been reported, raising concerns about Android user data breaches and the need for faster response times to such threats.
These incidents are a stark reminder of the evolving Android security threats in 2025 and the importance of keeping your device updated. Users are urged to install the latest updates immediately and remain cautious, especially when vulnerabilities can be used without any user interaction.
As Android becomes more deeply integrated into daily life, proactive and timely updates are crucial to protect against increasingly sophisticated cyberattacks.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
