Tag: android
-
Google fixes critical Dolby Decoder bug in Android January update
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to…
-
Kimwolf Android botnet abuses residential proxies to infect internal devices
The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target devices on internal networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimwolf-android-botnet-abuses-residential-proxies-to-infect-internal-devices/
-
Product showcase: Blokada for Android gives users control over network traffic
Blokada is a network privacy and ad-blocking application available on Android, iOS, Windows, macOS, and Linux. It is designed to reduce ads, block trackers, and limit unwanted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/06/product-showcase-blokada-android-control-network-traffic/
-
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient.”Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last…
-
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient.”Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last…
-
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient.”Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last…
-
Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices
The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android devices, spreading primarily via residential proxy networks, according to cybersecurity firm Synthient. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8…
-
Kimwolf Botnet Exploits 2 Million Devices to Build a Global Proxy Infrastructure
A massive new botnet dubbed >>Kimwolf
-
How to Protect Your iPhone or Android Device From Spyware
Being targeted by sophisticated spyware is relatively rare, but experts say that everyone needs to stay vigilant as this dangerous malware continues to proliferate worldwide. First seen on wired.com Jump to article: www.wired.com/story/how-to-protect-your-iphone-or-android-device-from-spyware/
-
Arkose Labs Android SDK: Enhanced Protection with Mobile Integrity Check
Arkose Labs offers comprehensive mobile SDKs for both Android and iOS, delivering enterprise-grade fraud prevention across major platforms. Now, we’re enhancing our Android SDK with Mobile Integrity Check”, powered by Google Play Integrity API”, to detect compromised devices, modified applications, and emulator-based attacks that evade traditional detection methods. This critical advancement works alongside our bot…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan From Linear to Complex: An Upgrade in RansomHouse Encryption Prince of Persia: A Decade of Iranian Nation-State APT Campaign…
-
Uzbek Users Under Attack by Android SMS-Stealers
Telegram users in Uzbekistan are being targeted with Android SMS-stealer malware, and what’s worse, the attackers are improving their methods. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/uzbek-users-android-sms-stealers
-
Uzbek Users Under Attack by Android SMS Stealers
Telegram users in Uzbekistan are being targeted with Android SMS stealer malware, and what’s worse, the attackers are improving their methods. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/uzbek-users-android-sms-stealers
-
Frogblight Malware Targets Android Users With Fake Court and Aid Apps
Kaspersky warns of ‘Frogblight,’ a new Android malware draining bank accounts in Turkiye. Learn how this ‘court case’ scam steals your data and how to stay safe. First seen on hackread.com Jump to article: hackread.com/frogblight-malware-android-fake-court-aid-apps/
-
PoC Exploit Released for UseFree Vulnerability in Linux Kernel POSIX CPU Timers
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-free (UAF) vulnerability in the Linux kernel’s POSIX CPU timers implementation. The flaw was previously reported under limited, targeted exploitation in real-world Android…
-
âš¡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most, firewalls, browser add-ons, and even smart TVs, turning small cracks into serious breaches.The real danger now isn’t just one major attack, but hundreds of quiet ones using the software and…
-
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan.”Previously, users received ‘pure’ Trojan APKs that acted as malware immediately upon installation,” Group-IB said in an analysis published last week. “Now, adversaries increasingly deploy First seen on…
-
Android Security Update Triggers Renewed Attention with Mid-Month Changes
Google’s latest Android security updates are drawing renewed scrutiny this week as revisions, staggered patch rollouts, and follow-on fixes converge across the Android ecosystem. While the underlying security bulletin itself is not new, the way updates are landing on devices now is creating a sense of sudden disruption for users and security teams alike. At……
-
Linkwarden überall, der Lesezeichen-Manager ohne Cloud-Pflicht
Der Open Source Lesezeichen-Manager Linkwarden ist jetzt auch für Android und iOS verfügbar. Er bietet uns faulen Nerds einen Mehrwert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/softwareentwicklung/linkwarden-ueberall-der-lesezeichen-manager-ohne-cloud-pflicht-324506.html
-
Massive Android botnet Kimwolf infects millions, strikes with DDoS
The Kimwolf Android botnet has infected 1.8M+ devices, launching massive DDoS attacks and boosting its C&C domain, says XLab. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 million devices and issued more than 1.7 billion DDoS attack commands, according to XLab. On October 24, 2025, XLab…
-
Adguard Premium Nightly für Android erneut gecrackt
Tags: androidKürzlich veröffentlichte der Hersteller die Android-App AdGuard Premium Nightly 21. Jetzt erschien davon ein funktionierender Crack. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/smartphones/adguard-premium-nightly-fuer-android-erneut-gecrackt-324326.html
-
Adguard Premium Nightly für Android erneut gecrackt
Tags: androidKürzlich veröffentlichte der Hersteller die Android-App AdGuard Premium Nightly 21. Jetzt erschien davon ein funktionierender Crack. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/smartphones/adguard-premium-nightly-fuer-android-erneut-gecrackt-324326.html
-
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express).”The threat actor leveraged QR codes and notification pop-ups to lure victims into installing…
-
‘Cellik’ Android RAT Leverages Google Play Store
The remote access Trojan lets an attacker remotely control a victim’s phone and can generate malicious apps from inside the Play Store. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cellik-android-rat-leverages-google-play-store
-
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab.”Kimwolf is a botnet compiled using the NDK [Native Development Kit],”…
-
Cellik Android Malware Uses One-Click APK Builder to Hide in Play Store Apps
A newly discovered Android Remote Access Trojan (RAT) called Cellik is democratizing sophisticated mobile surveillance attacks by bundling advanced spyware capabilities with an automated tool that allows attackers to inject malicious code into legitimate Google Play Store applications seamlessly. The malware address a significant escalation in Android-targeted threats, combining complete device control, real-time surveillance, and…
-
Cellik Android Malware Uses One-Click APK Builder to Hide in Play Store Apps
A newly discovered Android Remote Access Trojan (RAT) called Cellik is democratizing sophisticated mobile surveillance attacks by bundling advanced spyware capabilities with an automated tool that allows attackers to inject malicious code into legitimate Google Play Store applications seamlessly. The malware address a significant escalation in Android-targeted threats, combining complete device control, real-time surveillance, and…