📣 Send us your press release
Site updates every 15 minutes
Technology

Android Vulnerability Discovered Allowing Phone Takeover via Single Link

Security firm Nebula Security has revealed a new exploit for Android devices. The "IonStack" attack chain requires only a single link click to achieve full device control.

10 July 2026
Android Vulnerability Discovered Allowing Phone Takeover via Single Link
Image is an AI-generated illustration

Nebula Security, a YC-backed security startup, has unveiled what it calls the first complete root exploit chain for Android, dubbed "IonStack." The method allows attackers to gain full control of a user's phone after they click a single web link. This attack relies on chaining together two previously unknown vulnerabilities.

The exploit begins with a zero-day vulnerability in the Firefox browser, affecting versions prior to 151.0.2. This serves as the initial entry point when a user clicks a malicious URL. Following this, a separate zero-day vulnerability in the Linux kernel, which has reportedly existed for about 15 years in common distributions, allows the attacker to escalate privileges from the browser's sandbox to full kernel-level control.

Once kernel access is achieved, attackers can perform actions such as data exfiltration, surveillance, persistent backdoor installation, and complete remote control of the device. Nebula Security stated that security researchers discovered this exploit chain before malicious actors could widely weaponize it.

While the exploit is presented as targeting Android 17, older versions of the Android operating system are also susceptible. Users are advised to update their Firefox browsers to version 151.0.3 or later to mitigate the browser-specific vulnerability.

Original source: ithome.com