June 13, 2024 at 01:39PM Google’s latest Pixel update includes patches for 50 security vulnerabilities, with one already being exploited as a zero-day attack. GrapheneOS confirms the exploit and mentions forensics companies targeting users with certain apps. The update aims to address this and other issues, but requires manual installation. Additionally, Arm has flagged a … Read more
April 4, 2024 at 08:30AM Google’s April 2024 security update for Pixel phones addresses two zero-day vulnerabilities, CVE-2024-29745 and CVE-2024-29748, which forensic firms are exploiting to access device data. GrapheneOS, a privacy and security-focused mobile platform, urges additional mitigations. These include a partial fix from Google, but GrapheneOS proposes further measures such as auto-reboots and … Read more
April 3, 2024 at 12:57PM Google disclosed two Android security flaws, CVE-2024-29745 and CVE-2024-29748, exploited by forensic companies on Pixel smartphones. These vulnerabilities include information disclosure in the bootloader and privilege escalation in firmware. GrapheneOS confirmed the active exploitation of these flaws and urged Google to introduce measures against firmware vulnerabilities. (Words: 50) Key takeaways … Read more
April 3, 2024 at 10:52AM Google has fixed two zero-day vulnerabilities in Google Pixel devices that were exploited by forensic companies to unlock phones without a PIN and access stored data. The vulnerabilities, CVE-2024-29745 and CVE-2024-29748, were actively exploited, prompting Google to issue a security update that addresses 24 vulnerabilities, including critical ones. Users can … Read more
January 14, 2024 at 02:36PM The GrapheneOS team suggests introducing an auto-reboot feature for Android to reduce exploitation of firmware flaws, affecting data theft and spying on Google Pixel and Samsung Galaxy phones. They recommend a shorter reboot interval and emphasize the importance of device encryption and security. Google is reviewing the reported vulnerabilities while … Read more