If you’ve been putting off updating your Android phone, now is the time to do so as Google has released its September 2025 security update which fixes 84 vulnerabilities—including two actively exploited zero-day flaws.

As reported by BleepingComputer, Google claims these two zero-days are currently being used in limited, targeted attacks by hackers. The first zero-day (tracked as CVE-2025-38352) is an elevation of privilege flaw in the Android kernel while the second zero-day (tracked as CVE-2025-48543) is the same type of flaw that exists in the Android Runtime component.

CVE-2025-38352 was first discovered in the Linux kernel back in July and has since been patched. However, we’re now learning that it was actively exploited in Android which is built on Linux. Hackers with the right ski

See Full Page