According to Foresight News, the Chief Information Security Officer of SlowMist, 23pds, has reported that Remote Code Execution (RCE) 0-day vulnerabilities for Android and iOS devices are currently being sold on the dark web. The attack types are categorized as 0click/1Click, and the attack method involves controlling user devices through images or text messages.
Foresight News further explains that an RCE 0-day vulnerability refers to a situation where hackers exploit newly discovered software vulnerabilities to access user information or computers before developers can patch them. This type of vulnerability is particularly dangerous as it allows unauthorized individuals to execute arbitrary code on a user's device without their knowledge or consent.