Ars Technica

Serbian student’s Android phone compromised by exploit from Cellebrite

Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical ...
WeLiveSecurity

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

ESET researchers discovered a zero-day exploit that targets Telegram for Android, which appeared for sale for an unspecified price in an underground forum post from June 6 th, 2024. Using the exploit ...
Bleeping Computer

Exploit released for Android local elevation flaw impacting 7 OEMs

A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the ...
Android

Google just fixed an Android zero-day exploit used by Serbian authorities

According to the report, Cellebrite, an Israeli-based digital forensics company, exploited the flaw as part of an Android zero-day attack. The exploit targets Android USB drivers, making billions of ...
Bleeping Computer

Google finds more Android, iOS zero-days used to install spyware

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' ...
Android

'aCropalypse' exploit puts Pixel devices at a serious risk

According to TechRadar, a vulnerability called “aCropalypse” has targeted Pixel devices. Hopefully, Google patched the exploit with the recent March feature drop, but users that haven’t received the ...
CSOonline

Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem

Spyware vendors use a combination of zero-day exploits and known vulnerabilities. Google TAG researchers urge faster patching of mobile devices Several commercial spyware vendors developed and used ...