Android is under attack. Google issued a warning on Dec.1 along with what is essentially an emergency update. This was rushed out to all Pixel users. But for most Samsung users, these fixes are not yet available, despite attacks now underway.

Google confirms CVE-2025-48633 and CVE-2025-48572 “may be under limited, targeted exploitation," with attacks that can achieve “remote denial of service" on target smartphones "with no additional execution privileges needed.”

Samsung confirmed its own fixes within hours of Google’s warning. It also fixed three other vulnerabilities disclosed by Google’s Project Zero, which studies zero-days "in the hardware and software systems that are depended upon by users around the world.”

Just 24 hours after Google confirmed the Android attacks, the U.S. cyber defense agency issued its own warning, mandating federal staff update or stop using phones. “Android’s Framework,” CISA says on its known exploited vulnerability website, “contains an unspecified vulnerability that allows for privilege escalation.”