Researchers have discovered ten vulnerabilities in Google’s Quick Share file-transferring utility for Android, Windows, and Chrome. Some were combined into a remote code execution attack against Quick Share for Windows. The flaws, which were exploitable when transferring files between devices, enabled unauthorized file writing, forced wifi connections, and denial of service attacks. Google has since fixed all the vulnerabilities and issued two Common Vulnerabilities and Exposures (CVE) identifiers.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and