Tag: android
-
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch
Meta patched two WhatsApp flaws affecting iOS, Android, and Windows users, including bugs tied to risky files, links, and Reels previews. The post New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-users-update-meta-security-flaws/
-
Google Update: Android Flaw Could Put Billions of Devices at Risk
Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
-
Critical Android vulnerability CVE-2026-0073 fixed by Google
Google patched a critical Android flaw (CVE”‘2026″‘0073) that lets attackers run code remotely without user action. Google released a security update for Android to address a critical remote code execution flaw, tracked as CVE”‘2026″‘0073, in the System component. The bug allowed attackers to run code as the shell user without needing extra permissions, or any…
-
Google to pay up to $1.5 million for zero-click Pixel Titan M exploits
Google has revised its Android and Chrome Vulnerability Reward Programs (VRPs), which pay security researchers to report vulnerabilities in Android, Google hardware, and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/google-vulnerability-reward-program-android-chrome-pixel/
-
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply”‘chain attack, trojanizing Windows and Android software to spy on users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/
-
Android Zero-Click RCE Vulnerability Enables Remote Shell Access
A patched Android RCE flaw allows nearby attackers to gain zero-click remote shell access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/android-zero-click-rce-vulnerability-enables-remote-shell-access/
-
ScarCruft Targets Gaming Platform With Windows, Android Backdoors
A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
-
Google now offers up to $1.5 million for some Android exploits
Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-now-offers-up-to-15-million-for-some-android-exploits/
-
Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control
Cerberus Anti-theft, a long-running Android “security” app, is operating as full-featured stalkerware on Google Play, abusing accessibility services and Google Firebase to give abusers near-total remote control over victims’ phones. Once installed, Cerberus lets an abuser push a custom lock”‘screen notification to the victim’s device from a web dashboard at cerberusapp.com or a paired smartwatch.…
-
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware
A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and… First seen on hackread.com Jump to article: hackread.com/femitbot-telegram-mini-apps-crypto-scam-android-malware/
-
North Koreans Spy on Defectors Via Android Game Apps
Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
-
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have…
-
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/china-scarcruft-supply-chain-attack/
-
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
-
Critical Android Zero-Click Vulnerability Enables Remote Shell Access
Google has released the Android Security Bulletin for May 2026, addressing a highly critical vulnerability that allows attackers to execute code remotely without any user interaction. Published on May 4, 2026, the latest security update focuses heavily on a severe flaw located within the Android System component. Threat actors can exploit this vulnerability to gain…
-
5 Best VPNs for Android in 2026
Explore the best VPNs for Android devices in 2026. Find out which VPN offers the best security, speed and features for your Android device. The post 5 Best VPNs for Android in 2026 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/best-vpn-for-android/
-
âš¡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches.While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and…
-
Telegram Mini Apps Abused for Crypto Scams and Android Malware Delivery
What happened CTM360 researchers have uncovered a large-scale fraud operation using Telegram’s Mini App feature to run cryptocurrency scams, impersonate major brands, and distribute Android malware. The platform behind the operation, dubbed FEMITBOT based on a string found in API responses, uses Telegram bots and embedded Mini Apps to create convincing app-like experiences within the…The…
-
Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers
New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking Minecraft servers and other game hosts offline. By abusing TCP port 5555 on poorly secured Android-based hardware, the operators are quietly building a rentable DDoS-for-hire service aimed at the gaming ecosystem.…
-
Telegram Mini Apps abused for crypto scams, Android malware delivery
Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram’s Mini App feature to run crypto scams, impersonate well-known brands, and distribute Android malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telegram-mini-apps-abused-for-crypto-scams-android-malware-delivery/
-
Google Revamps Bug Bounty Programs: Android Rewards Rise, Chrome Payouts Drop in the Age of AI
Google revamps bug bounties: Android rewards rise to $1.5M, Chrome payouts drop, shifting focus to high-impact, AI-resistant vulnerabilities. Google has announced a major overhaul of its Vulnerability Reward Programs (VRP) for Android and Chrome, marking a strategic shift in how the company approaches cybersecurity. The update comes as artificial intelligence tools are reshaping the field…
-
Samsung’s Free Android Upgrade Brings Better Security to Galaxy Phones
Samsung’s One UI 8.5 update may bring stronger Galaxy security controls as users report battery drain and overheating after recent patches. The post Samsung’s Free Android Upgrade Brings Better Security to Galaxy Phones appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-samsung-one-ui-8-5-galaxy-security-battery-drain/
-
New Android Spyware Platform Enables Rebranding and Resale
A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance malware as their own product. Buyers can subscribe to the service, customize branding, and launch their own spyware operation with minimal effort. KidsProtect presents itself as a parental monitoring app,…
-
New Android spyware Morpheus linked to Italian surveillance firm
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware called Morpheus, distributed through fake Android apps posing as updates. Once installed, it can steal extensive data from the infected devices. The report shows strong demand…
-
Fake KYC Android Malware Spreads via WhatsApp to Hijack Bank Accounts
A new Android malware campaign is masquerading as a “Banking KYC” verification app and spreading via WhatsApp messages to target banking users in India. The malware is delivered as an APK shared over WhatsApp, posing as an urgent bank KYC or account verification update similar to previously reported Indian banking fraud campaigns. Victims are told…
-
Fake Document Reader App Hits 10K Downloads, Spreads Anatsa Malware
A newly discovered malicious Android application masquerading as a document reader was found on the Google Play Store, infecting users with the notorious Anatsa banking trojan. The app, which had already surpassed 10,000 downloads before its removal, highlights the ongoing threat of malware slipping through official app marketplaces. The malicious app was hosted on the…
-
Another spyware maker caught distributing fake Android snooping apps
Researchers have found a new case where government authorities used a fake Android app to plant spyware on a target’s phone. The company that allegedly developed the spyware was not previously known to sell this type of software. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/24/another-spyware-maker-caught-distributing-fake-android-snooping-apps/
-
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/android-privacy-policy-logging-research/
-
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/android-privacy-policy-logging-research/
-
Warnung vor neuen Android-Trojanern: 800 Apps betroffen
Zimperium identifiziert vier neue Android-Banking-Trojaner. Über 800 Finanz- und Krypto-Apps weltweit sind betroffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/android-trojaner-800-apps-betroffen