Skip to main content

Warning: Devices Running Android Versions 12, 12L, 13, or 14 at high Risk.

 

The Indian Computer Emergency Response Team (CERT-In) has issued a warning to Android users. The cyber security authority has spotted “high risk” vulnerabilities on Android smart phones powered by Qualcomm and MediaTek chipsets. It added that the smartphones affected are running on Android versions 12, 12L, 13, and 14 software.

These multiple vulnerabilities can be exploited by an attacker to get access to sensitive information and gain elevated privileges. As per the warning, these vulnerabilities exist in Android due to flaws in the Framework, System, Kernel, Arm component, Imagination Technologies, MediaTek components, Qualcomm components and Qualcomm closed-source components.

Notably, the critical security flaw identified in the Framework component poses a risk of privilege escalation, allowing attackers to gain elevated access without any additional execution privileges. The severity of this vulnerability is determined by its potential impact on affected devices, assuming that typical security measures are disabled or successfully evaded.

To protect your Android Smartphone from this potential security threat, to update to the latest version of Android where possible. Additionally, turn on auto-updates so that your software operating system is up to date, minimizing the possibility of such security threats. Make sure that you download apps from trusted platforms only like Google Play Store. It is also advised not to click on links sent via unsolicited messages, email and more.

CERT-In has also issued a “severe” warning for Apple users who own iPhones, iPads, Macs, and more regarding multiple vulnerabilities. As per the warning, these vulnerabilities can expose users to risks like information leaks, unauthorized code execution, security bypasses, denial of service (DoS) attacks, and spoofing attacks.

The advisory stated, “Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) and perform spoofing attacks on the targeted system”.














Popular posts from this blog

ChatGPT-5 Is Powerful and Fast, But It Can’t Replace Software Engineers!

  As someone who’s been following tech closely for over a decade, I’ve seen countless innovations come and go but few have stirred as much excitement and debate as ChatGPT. ChatGPT has developed, and launch ChatGPT 5, it genuinely seems that the enhancements have significantly slowed down. Previous iterations led to significant advancements in AI capabilities, particularly in assisting with coding. However, the enhancements now seem minor and somewhat gradual. It feels as though we’re experiencing diminishing returns in the extent to which these models improve at truly substituting real coding tasks. The vast majority of people say that AI is going to replace software engineers very soon. Yes, AI can perform simple activities and support routine activities, but where there are intricate things like planning the system, tackling more challenging problems, grasping actual business needs, and collaboration with others, it hasn't been able to catch up yet. T hese require creativity...
Read more

Security Flaw in India's Income Tax Portal Exposes Sensitive Taxpayer Data

A major security vulnerability in India's income tax filing portal has been fixed, TechCrunch reported. The flaw, discovered by security researchers Akshay CS and "Viral" in September, allowed logged-in users to access real-time personal and financial information of other taxpayers. This included sensitive details such as full names, home addresses, email addresses, dates of birth, phone numbers and bank account information. Exposed Aadhaar numbers of individuals The security flaw in the income tax filing portal also exposed Aadhaar numbers, a unique government-issued identification number used for identity verification and accessing government services. TechCrunch verified the data by allowing researchers to search its records on the portal. The researchers confirmed on October 2 that the vulnerability had been patched. Discovery process Researchers found bug while filing tax returns The researchers found the security flaw while filing their recent income tax return on...
Read more

Beware of Fake Starlink Mini Messages: Satellite internet is not free in India.

    A viral message is making the rounds on WhatsApp and social media in India, claiming to offer zero monthly fees and unlimited internet  via a device called   Starlink Mini.While the offer may sound tempting but it is completely misleading and has been flagged by the Indian government as unauthorized and false. Starlink Is Not Yet Operational in India As of June 2025 The satellite internet service by Elon Musk’s SpaceX has not launched its commercial operations in India. Although the company has received a Letter of Intent from the Department of Telecommunications (DoT), it still requires key regulatory approvals including: 1.Spectrum allocation 2.Clearance from IN-SPACE (Indian National Space Promotion and Authorization Centre) Until these approvals are granted, no official Starlink services including Starlink Mini are available in India. Once Starlink gets the green light to operate in India, here’s what consumers can realistically expect: Monthly ...
Read more