A newly disclosed zero-day vulnerability affecting Qualcomm graphics components has been actively exploited in targeted attacks against Android devices. The flaw, tracked as CVE-2026-21385, can trigger memory corruption through improperly handled user data, potentially enabling attackers to execute malicious code or gain unauthorized access to the device. The issue affects hundreds of Qualcomm chipsets used across a wide range of Android smartphones and tablets. Because the vulnerability resides in low-level hardware components, exploitation can bypass many traditional app-level defenses. The incident highlights the importance of timely Android security updates and stronger monitoring of mobile endpoint behavior.
Read the full report here.
