The November 2025 Android patches resolve two vulnerabilities, both in the platform’s System component.
The post Android Update Patches Critical Remote Code Execution Flaw appeared first on SecurityWeek.
In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia
Other noteworthy stories that might have slipped under the radar: Everest group takes credit for Collins Aerospace hack, Maryland launches VDP, gamers targeted with red teaming tool and RAT.
The post In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia appeared first on SecurityWeek.
Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta
Questions have been raised over the technical viability of the purported WhatsApp exploit, but the researcher says he wants to keep his identity private.
The post Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta appeared first on SecurityWeek.
Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm
Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise.
The post Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm appeared first on SecurityWeek.
Pixnapping Attack Steals Data From Google, Samsung Android Phones
Google has released a partial patch for the Pixnapping attack and is working on an additional fix.
The post Pixnapping Attack Steals Data From Google, Samsung Android Phones appeared first on SecurityWeek.
Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date
Apple has announced significant updates to its bug bounty program, including new categories and target flags.
The post Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date appeared first on SecurityWeek.
Apple Updates iOS and macOS to Prevent Malicious Font Attacks
The vulnerability could lead to a denial-of-service condition or memory corruption when a malicious font is processed.
The post Apple Updates iOS and macOS to Prevent Malicious Font Attacks appeared first on SecurityWeek.
Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices
NetRise has identified 20 device models from six vendors that are still vulnerable to Pixie Dust attacks.
The post Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices appeared first on SecurityWeek.
Samsung Patches Zero-Day Exploited Against Android Users
Reported by Meta and WhatsApp, the vulnerability leads to remote code execution and was likely exploited by a spyware vendor.
The post Samsung Patches Zero-Day Exploited Against Android Users appeared first on SecurityWeek.
Remote CarPlay Hack Puts Drivers at Risk of Distraction and Surveillance
Oligo Security has shared details on an Apple CarPlay attack that hackers may be able to launch without any interaction.
The post Remote CarPlay Hack Puts Drivers at Risk of Distraction and Surveillance appeared first on SecurityWeek.