Google has warned that active spyware exploits are targeting Android devices, and that the more than 30 per cent of phones running unsupported software are left permanently exposed, with no security fix on the way.
Google has issued a stark warning that a significant portion of the Android ecosystem is exposed to active security threats – with no fix on the way for millions of users.
The company confirmed that two high-severity vulnerabilities, tracked as CVE-2025-48633 and CVE-2025-48572, are being exploited in targeted attacks linked to mercenary spyware.
While patches have been released, they only apply to devices running Android 13 through Android 16.
That leaves more than 30 per cent of Android phones – over one billion devices – permanently unprotected.
The flaws sit within Android’s framework and can be triggered remotely without requiring elevated privileges.
Google has said there are “indications” the vulnerabilities are already being used in the wild, and history suggests such exploits rarely stay limited for long.
Once weaponised more broadly, they can be chained with other bugs to enable deeper compromise.
The core issue is fragmentation, as Android updates must pass through manufacturers, many of which take weeks – or months – to roll them out.
Even users with supported phones can be left exposed during that delay.
For those still running Android 12 or older, however, there is no update coming at all.
Mobile security firm Zimperium has warned that more than half of smartphones worldwide are typically running outdated software at any given time, making them prime targets as attacks accelerate.
By comparison, Apple’s tightly controlled update model means roughly 90 per cent of iPhones are running supported versions of iOS.
Google is urging users to install security updates as soon as they become available and to seriously consider upgrading if their device is no longer supported.