"Qualcomm Patches 3 Zero-Days Reported by Google"

US chip giant Qualcomm recently announced patches for over two dozen product vulnerabilities, including three zero-days reported by Google cybersecurity units.  Qualcomm learned from Google's Threat Analysis Group and Google Project Zero that flaws tracked as CVE-2023-33106, CVE-2023-33107, CVE-2023-33063, and CVE-2022-22071 "may be under limited, targeted exploitation." No information has been shared on the attacks exploiting these vulnerabilities, but the fact that they were reported by Google suggests that they may have been exploited by commercial spyware vendors.

SecurityWeek reports: "Qualcomm Patches 3 Zero-Days Reported by Google"