Hello, tech enthusiasts! Let’s dive into the latest buzz surrounding Android security.

Recently, Google rolled out a crucial update that addresses two zero-day vulnerabilities that were reportedly being exploited by hackers.

One of the flaws, identified as CVE-2024-53197, was unearthed by Amnesty International alongside Google’s Threat Analysis Group. This particular vulnerability has been observed in real-world attacks, affecting the privacy of Android users.

Amnesty discovered that a company named Cellebrite had used a combination of vulnerabilities to gain unauthorized access to Android devices.

Interestingly, this security issue was linked to the hacking of a Serbian student activist’s phone, showcasing the serious implications of such vulnerabilities.

The other flaw, CVE-2024-53150, was discovered within the core of the Android operating system, though details remain sparse.

Google has categorized the most severe of these issues as a critical vulnerability, emphasizing that it allows for remote privilege escalation without needing interaction from the user.

In response, Google is set to push source code fixes within 48 hours to ensure that all Android partners are in the loop and can protect their users.

Keep your devices updated and stay safe!