
In a rarity, security researchers have discovered hackers exploiting zero-day vulnerabilities to attack Google Pixel phones.
Google on Tuesday issued a security advisory about a pair of newly discovered bugs under active attack. “There are indications that the following may be under limited, targeted exploitation,” the advisory says.
But it doesn’t look like traditional cybercriminals or cyber spies have abused the vulnerabilities to attack the phones remotely. Google is crediting the zero-days discovery to Daniel Micay, a cybersecurity researcher and founder of GrapheneOS, an Android-based operating system focused on security. According to GrapheneOS, “forensic companies” have been exploiting the two vulnerabilities to retrieve data from Pixel phones.
The term forensic companies often refers to vendors that help law enforcement unlock and recover data from confiscated smartphones. In this case, GrapheneOS told PCMag "the vulnerabilities being exploited were reported to us by multiple users, including people who may work in that industry."
...

New Zero-Day Attacks Target Google Pixel Phones
A security researcher at GrapheneOS says 'forensic companies' have been exploiting the flaws to break into phones.
You can't really ever be sure that a cell phone is secure.