Latest news with #ThreatAnalysisGroup
TechCrunch
3 days ago
- Business
- TechCrunch
Phone chipmaker Qualcomm fixes three zero-days exploited by hackers
Chipmaker giant Qualcomm released patches on Monday fixing a series of vulnerabilities in dozens of chips, including three zero-days that the company said may be in use as part of hacking campaigns. Qualcomm cited Google's Threat Analysis Group, or TAG, which investigates government-backed cyberattacks, saying the three flaws 'may be under limited, targeted exploitation.' According to the company's bulletin, Google's Android security team reported the three zero-days (CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038) to Qualcomm in February. Zero-days are security vulnerabilities that are not known to the software or hardware maker at the time of their discovery, making them extremely valuable for cybercriminals and government hackers. Because of Android's open source and distributed nature, it's now up to device manufacturers to apply the patches provided by Qualcomm, which means some devices may still be vulnerable for several more weeks, despite the fact that there are patches available. Contact Us Do you have more information about these Qualcomm zero-days? Or other zero-day exploits or zero-day makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information about these Qualcomm zero-days? Or other zero-day exploits or zero-day makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . Qualcomm said in the bulletin that the patches 'have been made available to [device makers] in May together with a strong recommendation to deploy the update on affected devices as soon as possible.' Google spokesperson Ed Fernandez told TechCrunch that the company's Pixel devices are not affected by these Qualcomm vulnerabilities. When reached by TechCrunch, a spokesperson for Google's TAG did not immediately provide more information about these vulnerabilities, and the circumstances in which TAG found them. Qualcomm did not respond to a request for comment. Chipsets found in mobile devices are frequent targets for hackers and zero-day exploit developers because chips generally have wide access to the rest of the operating system, which means hackers can jump from there to other parts of the device that may hold sensitive data. In the last few months, there have been documented cases of exploitation against Qualcomm chipsets. Last year, Amnesty International identified a Qualcomm zero-day that was being used by Serbian authorities, likely by using phone unlocking tool maker Cellebrite.
Forbes
3 days ago
- Business
- Forbes
Google Issues Emergency Update For All 3 Billion Chrome Users
Update all browsers now. Google has suddenly released an emergency Chrome update, warning that a vulnerability discovered by its Threat Analysis Group has been used in attacks. Such is the severity of the risk, that Google also confirmed that ahead of this update, The issue 'was mitigated on 2025-05-28 by a configuration change' pushed out to all platforms. Google says it 'is aware that an exploit for CVE-2025-5419 exists in the wild,' and that full access to details on the vulnerability will 'be be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.' CVE-2025-5419 is an out of bounds read and write in V8, the type of dangerous memory flaw typically found and fixed on the world's most popular browser. While it's only marked as high-severity, the fact attacks are underway means apply the fix is critical. There is already a U.S. government mandate for federal staff to update Chrome by Thursday or stop using the browser, after a separate attack warning. And there has been another high-severity fix since then, with two separate fixes. It is inevitable that this latest warning and update will also prompt CISA to issue a 21-day update mandate. There is a second fix included in this emergency update — CVE-2025-5068 is another memory issue, a 'use after free in Blink,' that was disclosed by an external researcher. NIST warns that CVE-2025-5419 'allows a remote attacker to potentially exploit heap corruption via a crafted HTML page,' and that it applies across Chromium, suggesting other browsers will also issue emergency patches. As usual, you should a flag on your browser that see the update has downloaded. You need to restart Chrome to ensure it takes full effect. All your normal tabs will then reopen — unless you elect not to do that. But your Incognito tabs will not reopen, so make sure you save any work or copy down any URLs you want to revisit.
Daily Tribune
20-04-2025
- Daily Tribune
Apple Urges iPhone Users to Update Immediately as iOS 18.4.1 Patches Active Security Threats
Apple has officially rolled out iOS 18.4.1, accompanied by a critical advisory urging iPhone users to update their devices without delay. The latest software update addresses two significant security vulnerabilities that, according to Apple, are actively being exploited in real-world attacks. While the tech giant has remained tight-lipped on the specifics of the flaws—likely to prevent wider exploitation before users have a chance to secure their devices—Apple confirmed that one of the issues lies within CoreAudio, the system responsible for processing audio on iPhones. The vulnerability, identified as CVE-2025-31200, was discovered and reported jointly by Apple and Google's Threat Analysis Group. It involves the potential for malicious audio files to execute harmful code on a device, allowing attackers to gain unauthorized access or control. 'Processing an audio stream in a maliciously crafted media file may result in code execution,' Apple stated in its security release. Apple has a policy of withholding detailed descriptions of vulnerabilities until a majority of users have applied the necessary updates, to minimize the risk of widespread abuse. The company has not disclosed the full details of the second flaw patched in iOS 18.4.1, but emphasized that both were serious enough to prompt immediate action. Users are encouraged to navigate to Settings > General > Software Update and install the latest version to keep their devices secure. As threat actors grow increasingly sophisticated, regular updates remain one of the most essential lines of defense for iPhone users.
