According to Qualcomm Technologies, this innovation will primarily affect Android devices with the most recent Qualcomm chipsets, including smartphones with Snapdragon 8 Elite (e.g. OnePlus 13 and Galaxy S25); they will receive Android software and security updates for up to eight years.
Smartphones launching on new Snapdragon 8 and 7-series mobile platforms will also receive this extended support. The program is expected to cover the next five generations of Qualcomm Technologies ASICs.
“The program will also include two upgrades to the mobile platform’s Android Common Kernel (ACK) to support the eight-year window. The kernel is the core of every OS, and these ACK kernel upgrades for Android OS will allow OEMs to provide security for their devices longer. This level of support aligns with the key security initiatives in the U.S. and E.U. aimed at improving the cybersecurity standards for hardware and software products,” – Qualcomm Technologies.
“Through this collaboration, OEMs can more seamlessly update the software and security on their devices, ensuring a more secure and long-lasting Android experience for our users,” – Google.
Earlier, Google and Samsung made a commitment to release security updates for their flagship Android devices for seven years.
In addition, Apple documentation released last year indicates that iPhone 15 and newer devices will receive security updates for at least five years.
2025.01.22 — Fake Homebrew Infects macOS and Linux Machines with infostealer
Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.…
Full article →
2025.04.16 — Android devices will restart every three days to protect user data
Google introduces a new security feature for Android devices: locked and unused devices will be automatically restarted after three days of inactivity to return their memory to an…
Full article →
2025.04.04 — Privilege escalation vulnerability in Google Cloud resulting in sensitive data leaks finally patched
Tenable Research revealed details of a recently patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run enabling an attacker to gain access to container images…
Full article →
2025.01.23 — Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts
Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code. This…
Full article →
2025.01.26 — Cisco patched a critical vulnerability in Meeting Management
Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges. The vulnerability…
Full article →
2025.01.27 — Zyxel firewalls reboot due to flawed update
Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into…
Full article →
2025.02.09 — Abandoned AWS S3 buckets could be used in attacks targeting supply chains
watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations. The researchers discovered…
Full article →
2025.03.10 — Nearly a million Windows computers impacted by a malvertising campaign
According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive…
Full article →
2025.02.01 — Critical RCE vulnerability fixed in Cacti
A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code. Vulnerability's ID is CVE-2025-22604; its…
Full article →
2025.02.20 — Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and DoS attacks
OpenSSH fixed two vulnerabilities that could result in MiTM and denial of service (DoS) attacks. Interestingly, one of these bugs appeared in the code more than 10…
Full article →