Google Says Critical Android 'No User Interaction' Attacks Underway
Update your Android device now. SOPA Images/LightRocket via Getty Images
The world of cybersecurity can be a funny old place sometimes. In the same week that Mac users were warned that Apple passwords are at risk if they install an update, Android users are now being told their smartphones could be hacked if they don't. Here's what you need to know about the 'no user interaction required' attacks and what you must do right now to stop them in their tracks. Forbes Confirmed — 19 Billion Compromised Passwords Published Online By Davey Winder
Cybersecurity can also be confusing sometimes. Attacks use urgency as leverage, as evidenced by the latest PayPal security alert. Yet vendors and service providers simultaneously urge users to update now. Google security researchers issue detailed technical information about a Windows password-stealing threat, in the same week as Android users are informed that a no user interaction vulnerability is being exploited by attackers in the wild. Zero-day attacks are no stranger to Google, what with it reporting 75 of them last year. The latest, CVE-2025-27363, has been confirmed by Google as it releases a security update to mitigate it.
According to Google, CVE-2025-27363 is a vulnerability that 'could lead to local code execution with no additional execution privileges needed.' Critically, Google has also confirmed that 'user interaction is not needed for exploitation.' Which is all very bad news, but it gets worse: the attacks against Android users are already underway. 'There are indications that CVE-2025-27363 may be under limited, targeted exploitation,' Google warned.
The NIST National Vulnerability Database describes CVE-2025-27363 as being an out of bounds issue in 'FreeType versions 2.13.0 and below,' that occurs when 'attempting to parse font subglyph structures related to TrueType GX and variable font files.' All you really need to know is that this means an attacker could, under certain circumstances, execute arbitrary code. Well, that, and the small matter of the number of devices that the FreeType software is deployed on across various products, which is more than a billion.
The good news is that the latest Android security updates mitigate the attack risk by applying the necessary patch, assuming your device is eligible for the update. If it is, then I would advise you to apply this particular update as soon as is practically possible. Forbes Google's Gmail Password Attack Warning — You Have Just 7 Days To Act By Davey Winder
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
15 minutes ago
- Yahoo
What is a Waymo car?
( — Waymo vehicles have been in headlines over the last few days after anti-immigration enforcement protestors set some of them on fire in Los Angeles. But what are they? A Waymo car is a fully autonomous, self-driving vehicle operated by the company Waymo, a Google subsidiary. It operates on a rideshare service application called Waymo One, which offers on-demand, self-driving transportation in select cities, according to How does ICE know who to deport? Waymo began in 2009 in San Francisco as an experiment and went on in 2016 to become a fully-operational robotaxi service in some major cities. 'The Waymo Driver is the embodiment of fully autonomous technology that is always in control from pickup to destination,' the company said on its website. 'Passengers don't even need to know how to drive. They can sit in the back seat, relax, and enjoy the ride with the Waymo Driver getting them to their destination safely.' Waymo cars are currently available in Phoenix, AZ, San Francisco, Los Angeles, and Austin, TX, according to its website. They are reportedly coming soon to Atlanta, GA, and Miami, FL. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Yahoo
25 minutes ago
- Yahoo
Qualcomm to Buy Alphawave IP for $2.4 Billion
Qualcomm agreed to buy U.K.-listed semiconductor company Alphawave IP Group for about $2.4 billion as it seeks to boost its portfolio of technology used for artificial intelligence, data centers and data storage. The deal concludes two months of talks and will see the U.S. chip maker pay 183 pence a share for the company, a 96% premium to the company's closing price of 93.50 pence on March 31, the day before Qualcomm announced its interest. Warner Discovery Splits Cable From Marquee Streaming, Studio Businesses The Best New Features Coming to Your iPhone, iPad and Mac (and What's Missing) Apple Unveils Array of New Software, but AI Comeback Remains Far Off Think Twice Before You Click 'Unsubscribe' Alexander Brothers File $500 Million Defamation Suit Against The Real Deal On April 1, San Diego-based Qualcomm said it was considering making an offer to buy Alphawave IP Group without disclosing any financial details. Shareholders also have the option of swapping their holding for new Qualcomm shares instead of cash. Alphawave shares jumped 23% to just above the offer price in early trade Monday. 'The combined teams share the goal of building advanced technology solutions and enabling next-level connected computing performance across a wide array of high growth areas, including data-centre infrastructure,' Qualcomm Chief Executive Cristiano Amon said. Alphawave specializes in designing high-speed connectivity technology that enables data to travel faster using lower power. It serves customers in high-growth markets such as data centers, artificial intelligence, 5G wireless infrastructure, data networking, autonomous vehicles and solid-state storage. The company listed in London in 2021 at 410 pence a share but has mostly traded significantly below that level since the initial public offering. The U.K. company's board intends to recommend shareholders accept the deal, which is expected to be completed during the first quarter of 2026. Write to Ian Walker at and Dominic Chopping at Will America's Unbalanced Trade Doom the Dollar? Judge Tosses Justin Baldoni's Lawsuits Against Blake Lively and New York Times The Canned-Food Aisle Is Getting Squeezed by Rising Steel Tariffs WPP CEO to Depart After String of Ad Client Defections Businesses Are Bingeing on Crypto, Dialing Up the Market's Risks Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
an hour ago
- Yahoo
Threads Continues to See Strong Download Momentum in May
This story was originally published on Social Media Today. To receive daily news and insights, subscribe to our free daily Social Media Today newsletter. Threads continues to hold its place in the app download charts, with Meta's Twitter replicant remaining at 8th spot in the list, and seeing an increase in overall download volume in May. As you can see in this latest ranking data from AppFigures, Threads saw 23 million downloads across iOS and Android in May, which is up from 22 million April, and at the same level that the app saw in March. Threads is now up to 350 million monthly active users, and gaining quickly on X, which reported in March that it's now up to 600 million monthly actives, an increase of 50 million year-over-year. Though those figures are somewhat questionable, considering that X has also down 15% on overall European usage since Elon Musk took over at the app, as per its official DSA reporting data. As a private company, X is not obligated to share auditable usage data, but it does have to provide such for Europe, and given that its EU audience is down, it would be surprising if X is somehow gaining significant momentum in other markets, and not only replacing its lost EU users, but also exceeding its previous audience. But even so, Threads is clearly doing something right, as it continues to gain in download numbers, and attract more people to the app. The platform is increasingly putting more focus on real-time news, while it's also enhancing its live event elements, including sports, as it seeks to supplant X as the top platform for in-the-moment engagement. Looking at other app movements, TikTok remains popular, staying in the top three for downloads throughout the year thus far, and switching places back and forth with Instagram for second spot behind ChatGPT. Facebook and WhatsApp have also held their positions in the list, while Snapchat is also still clinging to the top 10. Though it is also interesting to consider Snap's relative challenges in this respect, by comparing the performance of these apps. One of Snapchat's key problems is that while it remains a key utility for younger audiences, it doesn't maintain that hold on older users, and as users age up, it loses them to other apps. That's somewhat reflected in the data, with Snapchat seeing strong download volume, but sitting on fewer users, at 900 million monthly actives, and 460 million daily users. IG, Facebook and TikTok have all surpassed the billion user milestone, and it's interesting to see Snap remaining at lower usage levels, despite relative download interest. It's another reminder of Snap's growth challenges, and how it needs to evolve in line with its audience. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
