Android Tablet Firmware Backdoor Discovered, Dell Zero-Day Exploit Exposed Since 2024
A Zero-Day Vulnerability in Dell’s RecoverPoint Software Exploited Since 2024
A suspected China-linked cyberespionage group has been secretly exploiting a critical zero-day flaw in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024. The attackers deployed stealthy backdoors, a webshell, and maintained long-term access inside targeted networks.
Exploitation and Impact
According to research from Google’s threat intelligence team and Mandiant, the vulnerability (CVE-2026-22769) was used to gain unauthorized access to sensitive data and disrupt operations. The attackers’ tactics, techniques, and procedures (TTPs) suggest a high degree of sophistication and a focus on remaining undetected.
Other Security Incidents
Separately, Google has patched a high-severity zero-day vulnerability (CVE-2026-2441) in the CSS processing component of Google Chrome. The vulnerability allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Meanwhile, researchers have discovered a new Android backdoor embedded directly in device firmware, which can quietly take control of apps and harvest data. The malware, named Keenadu, was inserted during the firmware build process, not after devices reached users.
In other news, a critical security vulnerability (CVE-2026-2329) in Grandstream VoIP phones could let hackers remotely take full control of the devices and even intercept calls. Additionally, a malicious intruder accessed France’s national bank account registry, FICOBA, enabling them to view information tied to 1.2 million accounts.
Microsoft has disclosed a privilege-escalation vulnerability in Windows Admin Center (WAC), a browser-based platform widely used by IT administrators and infrastructure teams. The vulnerability (CVE-2026-26119) could allow an attacker to gain elevated privileges and access sensitive data.
Conclusion
These incidents demonstrate the ongoing need for vigilance and proactive security measures to protect against evolving threats. Organizations must prioritize patching, vulnerability management, and security awareness to prevent exploitation and minimize the risk of data breaches.