AI Search
CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200
Google fixes critical Dolby Decoder bug in Android January update
Resecurity Went on the Cyber Offensive – When ‘Shiny Objects’ trick ‘Shiny Hunters’
Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025
Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices
The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act
VVS Stealer, a new python malware steals Discord credentials
Resecurity Caught ShinyHunters in Honeypot
What is happening to the Internet in Venezuela? Did the U.S. use cyber capabilities?
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78
Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION
President Trump blocks $2.9M Emcore chip sale over security concerns
French authorities investigate AI ‘undressing’ deepfakes on X
Thousands of ColdFusion exploit attempts spotted during Christmas holiday
Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case
Covenant Health data breach after ransomware attack impacted over 478,000 people
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
IBM warns of critical API Connect bug enabling remote access
Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen
React2Shell under attack: RondoDox Botnet spreads miners and malware
A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to all Android devices.
The flaw in Dolby DD+ decoders (UDC v4.5–v4.13) can cause an out-of-bounds write when processing a specially crafted DD+ bitstream, potentially increasing risk on Android devices, including Pixel, if chained with other vulnerabilities.
“An out of bounds write within UDC v4.5 -> UDC v4.13 may occur when a unique Dolby Digital Plus (DD+) bitstream is processed by a DD+ decoder. This issue does not occur with a standard DD+ bitstream but only when a manually edited (though “valid”) bitstream is created. Dolby authoring tools are incapable of creating this type of bitstream.” reads the advisory. “We are aware of a report found with Google Pixel devices indicating that there is a possible increased risk of vulnerability if this bug is used alongside other known Pixel vulnerabilities. Other Android mobile devices could be at risk of similar vulnerabilities”
Google Project Zero’s Ivan Fratric and Natalie Silvanovich discovered the vulnerability in October 2025.
Google Project Zero researchers state that an integer overflow can cause an out-of-bounds write, potentially overwriting pointers. On Android, it’s a 0-click bug because audio is decoded automatically.
“When a file is processed by Dolby’s DDPlus Unified Decoder, an out of bounds write is possible when the evolution data is processed. The decoder writes evolution information into a large, heap-like contiguous buffer contained by a larger struct, and the length calculation for one write can overflow due to integer wrap. This leads to the ‘allocated’ buffer to be too small, and the out-of-bounds check of the subsequent write to be ineffective. This can allow later members of the struct to be overwritten, including a pointer that is written to when the next syncframe is processed.” reads the report published by Google Project Zero. “On Android, this is a 0-click vulnerability, as Android locally decodes all incoming audio messages and audio attachments for transcription, using this decoder, without the user interacting with the device. This code is present on MacOS, but it is not clear whether this bug is reachable due to pre-processing checks.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, CVE-2025-54957)
Security / January 06, 2026
Security / January 06, 2026
Cyber Crime / January 06, 2026
APT / January 05, 2026
Malware / January 05, 2026
To contact me write an email to:
Pierluigi Paganini :
[email protected]
Copyright@securityaffairs 2024
