The monthly Android security update covers 47 vulnerabilities, including a high-severity defect in the widely used FreeType software library.

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.

The vulnerability threat intelligence firm’s research reinforces a slew of recent reports warning about increased exploits in 2024.

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Infostealers fueled the staying power of identity-based attacks, increasing 84% on a weekly average last year, according to IBM X-Force.

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.

Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International.

More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.

The since-patched vulnerabilities allowed for privilege escalation, DLL hijacking, file modification and even total system compromise.