10:43
iOS 18 to feature Humane AI Pin-style iMessage summaries
10:43
X introduces AI-generated news summaries powered by Grok
19:11
Boom's XB-1 supersonic jet approved to break the speed of sound
22:51
Google paid Apple $20 billion to remain default search engine in Safari in 2022
22:51
SpaceX opens applications for tourist flights to space in 2024
08:14
Amazon's Twitch launches Discovery Feed, competing with TikTok in short-form videos
10:43
iOS 18 to feature Humane AI Pin-style iMessage summaries
10:43
X introduces AI-generated news summaries powered by Grok
19:11
Boom's XB-1 supersonic jet approved to break the speed of sound
22:51
Google paid Apple $20 billion to remain default search engine in Safari in 2022
22:51
SpaceX opens applications for tourist flights to space in 2024
08:14
Amazon's Twitch launches Discovery Feed, competing with TikTok in short-form videos
10:43
iOS 18 to feature Humane AI Pin-style iMessage summaries
10:43
X introduces AI-generated news summaries powered by Grok
19:11
Boom's XB-1 supersonic jet approved to break the speed of sound
22:51
Google paid Apple $20 billion to remain default search engine in Safari in 2022
22:51
SpaceX opens applications for tourist flights to space in 2024
08:14
Amazon's Twitch launches Discovery Feed, competing with TikTok in short-form videos
10:43
iOS 18 to feature Humane AI Pin-style iMessage summaries
10:43
X introduces AI-generated news summaries powered by Grok
19:11
Boom's XB-1 supersonic jet approved to break the speed of sound
22:51
Google paid Apple $20 billion to remain default search engine in Safari in 2022
22:51
SpaceX opens applications for tourist flights to space in 2024
08:14
Amazon's Twitch launches Discovery Feed, competing with TikTok in short-form videos
Google has discovered three zero-day security vulnerabilities found in Samsung smartphones used by a commercial surveillance vendor.
A chain of vulnerabilities allowing an attacker to gain kernel read and write privileges as root user and ultimately expose device data were discovered in Samsung's software.
Google Project Zero security researcher Maddie Stone said the vulnerability affects Samsung phones with an Exynos chip running a specific kernel version. Stone added that Samsung phones with the affected kernel at the time included the S10, A50 and A51.
The flaws have now been fixed. They were exploited by a malicious Android app, which the user could fraudulently install from outside the app shop.
The first vulnerability in this chain, the arbitrary file read and write, was the foundation of this chain, used four different times and used at least once in each step,
wrote Stone.
Google did not name a commercial surveillance vendor, but said the exploitation follows a pattern similar to recent device infections in which malicious Android apps were used to deliver powerful government spyware.
Editor’s pick
