Researchers have discovered ten vulnerabilities in Google’s Quick Share file-transferring utility for Android, Windows, and Chrome. Some were combined into a remote code execution attack against Quick Share for Windows. The flaws, which were exploitable when transferring files between devices, enabled unauthorized file writing, forced wifi connections, and denial of service attacks. Google has since fixed all the vulnerabilities and issued two Common Vulnerabilities and Exposures (CVE) identifiers.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is