A critical Android zero-day vulnerability, CVE-2025-48595, is being actively exploited in targeted attacks — no user interaction required. Disclosed in Google's June 2026 Android Security Bulletin, the flaw sits in the Android Framework and lets attackers remotely escalate privileges, bypassing core security boundaries to access sensitive system resources.
Devices running Android 14, 15, 16, and 16 QPR2 are all affected. Patch level 2026-06-05 fixes the issue, and Google notified OEM partners over a month ahead of public disclosure. Users should update immediately — sideloaders face the highest risk, as third-party app channels are common exploit delivery points.
Source: Cybersecurity News