Top 13 Recent Security Vulnerabilities and Privacy Updates You Must Know
This roundup highlights the latest critical security flaws—from Chrome zero‑day exploits and Android malware to GitLab RCE attacks—alongside important privacy compliance news such as new personal data protection laws and major fines for Apple and Google.
Vulnerability Security News
Google fixed two zero‑day vulnerabilities in Chrome – https://securityaffairs.co/wordpress/123906/security/chrome-zero-day-flaws.html
A new Android malware can obtain root access on smartphones – https://thehackernews.com/2021/10/this-new-android-malware-can-gain-root.html
Google released the Android November security patch fixing multiple bugs – https://www.bleepingcomputer.com/news/security/android-november-patch-fixes-actively-exploited-kernel-bug/
Hackers actively exploiting an unauthenticated RCE vulnerability in GitLab – https://thehackernews.com/2021/11/alert-hackers-exploiting-gitlab.html
Widespread security risks discovered in phones and Bluetooth devices, affecting roughly 40% of phones – https://spectrum.ieee.org/bluetooth-security
New malware targeting Android users' Instagram accounts – https://www.freebuf.com/news/304412.html
New Android banking malware observed in Europe and the United States – https://www.freebuf.com/articles/305038.html
Black Hat Europe 2021 talk analysis: security attack surface in Wi‑Fi Mesh – https://paper.seebug.org/1762/
Security researchers found 11 malicious packages in the PyPI repository – https://securityaffairs.co/wordpress/124861/hacking/malicious-pypi-python-packages.html
Beware of the increasingly sophisticated Android banking malware “BrazKing” – https://www.freebuf.com/news/305905.html
New variant of Android APT spyware targeting Middle‑East victims – https://news.sophos.com/en-us/2021/11/23/android-apt-spyware-targeting-middle-east-victims-improves-its-capabilities/
Two serious vulnerabilities discovered in the popular video‑conferencing app Zoom – https://www.freebuf.com/news/306543.html
A batch of Android banking trojans evaded official app‑store detection, reaching 300,000 downloads before removal – https://www.cnbeta.com/articles/tech/1208981.htm
Privacy Compliance News
China's Personal Information Protection Law takes effect in November, adding a “security lock” for personal privacy – https://www.freebuf.com/news/302938.html
Draft of the "Classification Method for Pre‑installed Applications on Mobile Smart Devices" released for public comment – https://www.freebuf.com/news/304941.html
Apple and Google fined heavily for insufficient transparency in user‑data collection – https://www.freebuf.com/news/306343.html
Public solicitation for comments on the group standards "App Personal Information Collection and Use Review Guidelines (Draft)" and "Mobile Smart Device Personal Information Protection Guide (Draft)" – https://www.cybersac.cn/News/getNewsDetail/id/1891
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
OPPO Amber Lab
Centered on user data security and privacy, we conduct research and open our tech capabilities to developers, building an information‑security fortress for partners and users and safeguarding OPPO device security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.