Tag: android
-
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
Fighting a self-spreading spyware: Experts say combating ClayRat requires both technical hardening and behavioral hygiene.”Security teams should enforce a layered mobile security posture that reduces installation paths, detects compromise, and limits blast radius,” said Jason Soroko, Senior Fellow at Sectigo. He recommends blocking sideloading through Android Enterprise policy, deploying mobile threat defense integrated with endpoint…
-
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clayrat-spyware-targets-android/
-
Unlocking the Future: What Android Screen Unlocking Reveals About Next-Gen IAM
Forgot your Android password, PIN, or pattern? Discover how Dr.Fone Screen Unlock helps you regain access but also where Identity and Access Management (IAM) is headed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/unlocking-the-future-what-android-screen-unlocking-reveals-about-next-gen-iam/
-
Unlocking the Future: What Android Screen Unlocking Reveals About Next-Gen IAM
Forgot your Android password, PIN, or pattern? Discover how Dr.Fone Screen Unlock helps you regain access but also where Identity and Access Management (IAM) is headed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/unlocking-the-future-what-android-screen-unlocking-reveals-about-next-gen-iam/
-
Windows und Android: Google schließt schwerwiegende Lücken in Chrome
Ein Pufferüberlauf in Chrome für Windows, MacOS, Linux und Android erlaubt unter Umständen eine Remotecodeausführung. First seen on golem.de Jump to article: www.golem.de/news/windows-und-android-google-schliesst-schwerwiegende-luecken-in-chrome-2510-200916.html
-
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
ESET warns of fake Signal and ToTok apps spreading Android spyware in the UAE, stealing contacts, messages, and chat backups from users. First seen on hackread.com Jump to article: hackread.com/spyware-fake-signal-totok-apps-uae-android-users/
-
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/steam-and-microsoft-warn-of-unity-flaw-exposing-gamers-to-attacks/
-
New ‘Fully Undetectable’ Android RAT Discovered on GitHub
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart by eliminating the traditional requirement for a desktop or laptop in the attack chain. A…
-
Android and Windows gamers worldwide potentially affected by bug in Unity game engine
An advisory from Unity, which makes the software behind dozens of popular games, warns developers to patch a vulnerability that could allow an attacker to execute code via an affected app. First seen on therecord.media Jump to article: therecord.media/unity-game-engine-vulnerability-android-windows-linux-macos
-
Unity Warns Developers of Security Vulnerability Affecting Games on Android, Windows, and Linux Platforms
A recently disclosed security vulnerability in Unity has prompted security updates and, in some cases, game removals across platforms like Steam. The issue affects Unity versions 2017.1 and later, spanning a wide range of games and applications released over the last several years. According to Unity, this Unity vulnerability impacts software built for Android, Windows, macOS,…
-
Nach Kritik von F-Droid: Google verteidigt Maßnahmen gegen bisheriges Sideloading
Künftig lässt sich keine Android-App mehr per Sideloading installieren, ohne dass Google davon weiß. Das bringt dem Unternehmen mehr Macht. First seen on golem.de Jump to article: www.golem.de/news/nach-kritik-von-f-droid-google-verteidigt-massnahmen-gegen-bisheriges-sideloading-2510-200810.html
-
Android Not Reading SD Card? Here’s How to Fix it
As we all know, the SD card usually stores your multimedia and important mobile files. When Android suddenly… First seen on hackread.com Jump to article: hackread.com/android-not-reading-sd-card-heres-how-to-fix-it/
-
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
-
Hundreds of Free VPN Apps Expose Android and iOS Users’ Personal Data
Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile devices. But what if the very apps designed to safeguard your data are riddled with dangerous security flaws that expose the exact information they promise to protect? A comprehensive security and privacy analysis by Zimperium…
-
Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal
The campaign involves apps posing as Signal and the defunct ToTok, according to ESET. First seen on cyberscoop.com Jump to article: cyberscoop.com/android-spyware-disguised-as-legitimate-messaging-apps-targets-uae-victims-researchers-reveal/
-
Android spyware campaigns impersonate Signal and ToTok messengers
Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the Signal and ToTok messaging apps to steal sensitive data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-spyware-campaigns-impersonate-signal-and-totok-messengers/
-
ProSpy and ToSpy: New spyware families impersonating secure messaging apps
ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/02/android-spyware-signal-totok/
-
Android Spyware in the UAE Masquerades as … Spyware
In a clever, messed-up twist on brand impersonation, attackers are passing off their spyware as a notorious UAE government surveillance app. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/android-spyware-uae-spyware
-
Android malware uses VNC to give attackers hands-on access
A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-uses-vnc-to-give-attackers-hands-on-access/
-
F-Droid project threatened by Google’s new dev registration rules
F-Droid is warning that the project could reach an end due to Google’s new requirements for all Android developers to verify their identity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/f-droid-project-threatened-by-googles-new-dev-registration-rules/
-
New Android RAT Klopatra Targets Financial Data
New Android RAT Klopatra is targeting financial institutions using advanced evasion techniques First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-rat-klopatra-targets/
-
New Smish: New York Department of Revenue
As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
-
New Android Banking Trojan Uses Hidden VNC for Full Remote Control of Devices
In late August 2025, Cleafy’s Threat Intelligence team uncovered Klopatra, a new, highly sophisticated Android banking trojan and Remote Access Trojan (RAT) that grants attackers full control of compromised devices and facilitates large-scale financial fraud. Active campaigns in Spain and Italy have already infected over 3,000 devices, targeting users of major financial institutions and draining…
-
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly.Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior First seen on…
-
F-Droid-Projekt durch Google-Pläne in Gefahr
Google hegt Pläne, sein Android so anzupassen, dass alle Entwickler von Android-Apps sich registrieren müssen. Andernfalls soll die App nicht mehr ausgeführt werden können. Das F-Droid-Projekt schlägt nun Alarm, weil man davon ausgeht, dass dies das Aus bedeutet. Android-App-Entwickler-Registrierung: Worum … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/30/f-droid-projekt-durch-google-plaene-in-gefahr/
-
Your budget Android phone might be spying on you
Researchers have found that many low-cost Android devices come with pre-installed apps that have high-level access to the system. Unlike apps from the Google Play Store, many … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/30/low-cost-android-devices-security-risks/
-
Google’s dev registration plan ‘will end the F-Droid project’
Open source Android app store cannot exist if Google’s plans go ahead, says F-Droid board member First seen on theregister.com Jump to article: www.theregister.com/2025/09/29/googles_dev_registration_plan_will/
-
Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps
Since August 2024, a financially motivated threat group has been targeting Android users in Indonesia and Vietnam with banking trojans disguised as official government identity and payment applications. By employing elaborate download mechanisms, reusing infrastructure, and leveraging template-based spoofed sites, the operators have used a coordinated campaign to evade detection and steal user credentials. The…
-
Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps
Since August 2024, a financially motivated threat group has been targeting Android users in Indonesia and Vietnam with banking trojans disguised as official government identity and payment applications. By employing elaborate download mechanisms, reusing infrastructure, and leveraging template-based spoofed sites, the operators have used a coordinated campaign to evade detection and steal user credentials. The…