Android
-
Researchers describe “Pixnapping” Android side‑channel that can steal 2FA codes
A team of academic researchers disclosed “Pixnapping,” a side‑channel pixel‑stealing technique that can recover on‑screen data including two‑factor codes on Android by exploiting rendering APIs and graphical operations, and Google has issued patches under CVE‑2025‑48561 while some issues remain unpatched.
-
ESET: Fake Signal and ToTok Android Apps used to deploy spyware in UAE
ESET researchers warned that two spyware campaigns in the UAE use fake Signal and ToTok Android apps disguised as plugins or add‑ons to collect contacts, messages, backups and files; the spyware has been traced to mid‑2022 and is blocked by Google Play Protect for devices with Google Play Services.
-
New Android banking trojan Klopatra has infected more than 3,000 devices, Cleafy says
Cleafy said a new Android banking trojan called Klopatra has infected over 3,000 devices, mainly in Spain and Italy, using VNC remote control, dynamic overlays and abuse of Android accessibility services to steal credentials and perform fraudulent transfers.
-
Unpatched OnePlus flaw lets rogue apps access SMS data, Rapid7 says
Rapid7 has disclosed an unpatched vulnerability in OnePlus OxygenOS that could allow rogue apps to access SMS data and metadata without user interaction, due to exposed content providers in the Telephony package. The flaw, CVE-2025-10184, affects OxygenOS 12 through 15 and remains unpatched as OnePlus investigates; a PoC exploit has been published.
-
Samsung patches critical CVE-2025-21043 Android vulnerability exploited in the wild
Samsung has issued a September 2025 security update to patch CVE-2025-21043, a critical remote code execution flaw in a Quramsoft image parsing library used on Android devices, underscoring the need for immediate patching across affected devices.
-
Google Addresses Critical Vulnerabilities in Android with August Security Updates
Google has released crucial security updates for Android, addressing multiple vulnerabilities linked to Qualcomm chipsets, including serious flaws that have been flagged as actively exploited.
-
New Android Malware Campaign Targeting Telegram Users Uncovered
A recent study by BforeAI reveals a malware campaign deceiving Android users into downloading fake Telegram applications from hundreds of malicious domains, utilizing tactics such as QR code redirects and lookalike websites.
-
Android Malware Anatsa Targets US Banks Through Infiltrated Google Play Apps
The Anatsa banking trojan has returned to Google Play disguised as a PDF viewer app, compromising 50,000 downloads and targeting US banking customers. Security experts warn users to uninstall affected apps immediately and to secure their banking credentials.
-
Surge in Android Malware: AntiDot Threats Compromise Thousands of Devices
Researchers have uncovered a significant surge in Android malware, particularly the AntiDot strain, which has compromised thousands of devices through sophisticated phishing campaigns and Malware-as-a-Service distribution.
-
FBI Issues Warning as BADBOX 2.0 Malware Infects Over 1 Million Devices
The FBI has warned that the BADBOX 2.0 malware has infected over one million consumer devices, transforming them into tools for cybercriminals. The widespread malware affects various Android IoT gadgets, posing significant threats to home network security.
