Pixel Phone Zero-Days Exploited by Forensic Firms

April 4, 2024 at 08:30AM Google’s April 2024 security update for Pixel phones addresses two zero-day vulnerabilities, CVE-2024-29745 and CVE-2024-29748, which forensic firms are exploiting to access device data. GrapheneOS, a privacy and security-focused mobile platform, urges additional mitigations. These include a partial fix from Google, but GrapheneOS proposes further measures such as auto-reboots and … Read more

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

April 3, 2024 at 12:57PM Google disclosed two Android security flaws, CVE-2024-29745 and CVE-2024-29748, exploited by forensic companies on Pixel smartphones. These vulnerabilities include information disclosure in the bootloader and privilege escalation in firmware. GrapheneOS confirmed the active exploitation of these flaws and urged Google to introduce measures against firmware vulnerabilities. (Words: 50) Key takeaways … Read more