Android framework information disclosure and elevated-access flaws under limited targeted exploitation (multiple vulnerabilities)
Vulnerability
Summary
Google patched CVE-2025-48633 and CVE-2025-48572, two Android framework flaws that may be under limited, targeted exploitation, leaving Android 13-16 devices exposed to information disclosure and elevated-access risk until updated. The issues were included in the December 1 Android Security Bulletin, which addressed 51 flaws immediately and queued more fixes for December 5. The vulnerabilities matter because one can disclose information without authorization and the other can raise attacker access on vulnerable devices.
Related Happenings
Android Intrusion Logging forensic logging rollout for spyware investigations
Security Tool/Service
First: 13.05.2026 09:55
Last: 13.05.2026 09:55
Sources 1
About this happening:
**Android** is adding **Intrusion Logging**, an opt-in forensic feature in **Advanced Protection Mode** that preserves device and network activity for suspected spyware compromise...
Android 17 expands platform security and privacy protections
Security Tool/Service
First: 12.05.2026 20:00
Last: 12.05.2026 20:00
Sources 1
About this happening:
**Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
EngageLab SDK intent redirection security flaw
Vulnerability
First: 09.04.2026 20:26
Last: 09.04.2026 20:26
Sources 1
About this happening:
A **now-patched intent redirection vulnerability** in the **EngageLab SDK** could let **malicious apps** bypass the **Android security sandbox** and access private data in apps us...
SparkCat malware variant in App Store and Google Play apps steals wallet recovery phrases
Malware Activity
First: 03.04.2026 12:10
Last: 03.04.2026 12:10
Sources 1
About this happening:
The **SparkCat** malware resurfaced in a new variant inside apps on the **Apple App Store** and **Google Play Store**, increasing the risk of mobile crypto wallet theft. The malwa...
NoVoice Android malware hidden in Google Play apps
Malware Activity
First: 01.04.2026 21:07
Last: 01.04.2026 21:07
Sources 1
About this happening:
**NoVoice** Android malware was found hidden in **more than 50 Google Play apps**, exposing **at least 2.3 million downloads** to compromise. After installation, it used **old And...
Timeline
- 02.12.2025 13:15 · 2 articles · 5mo ago
Google discloses Android zero-day vulnerabilities
Initial Disclosure: Google's Android Security Bulletin disclosed 107 zero-day vulnerabilities affecting Android and Android Open Source Project (AOSP), and the December 1 patch set immediately covered 51 flaws across the Android framework and system while the remaining fixes were scheduled for December 5.
Sources:
- Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild — www.infosecurity-magazine.com — 02.12.2025 13:15
- Google fixes two Android zero days exploited in attacks, 107 flaws — www.bleepingcomputer.com — 02.12.2025 16:36
- 02.12.2025 13:15 · 1 article · 5mo ago
Google flags limited targeted exploitation of Android framework CVEs
Technical Analysis Update: Google said CVE-2025-48633 and CVE-2025-48572 in the Android framework may be under limited, targeted exploitation; both are high-severity information disclosure issues affecting Android 13, 14, 15 and 16, with CVE-2025-48633 enabling unauthorized disclosure of information and CVE-2025-48572 enabling elevated access on vulnerable devices.
Sources:
- Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild — www.infosecurity-magazine.com — 02.12.2025 13:15