Tag: android
-
Newly identified Android spyware appears to be from a commercial vendor
Researchers spotted a 9-month-long campaign involving previously undiscovered spyware they call LANDFALL, which leveraged a zero-day bug in Samsung Galaxy phones. First seen on therecord.media Jump to article: therecord.media/landfall-spyware-middle-east-appears-commercial-grade
-
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East.The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the “libimagecodec.quram.so” component that could allow remote attackers to execute arbitrary First…
-
‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones
A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/07/landfall-spyware-abused-zero-day-to-hack-samsung-galaxy-phones/
-
Test der EFF: Diese AntiTools schützen am besten vor Spionage-Apps
Mit Stalkerware lassen sich leicht Mitmenschen ausspionieren. Ein neuer Test zeigt, welche Anti-Virus-Tools für Android den besten Schutz bieten. First seen on golem.de Jump to article: www.golem.de/news/test-der-eff-diese-anti-virus-tools-schuetzen-am-besten-vor-spionage-apps-2511-201941.html
-
Google Issues Emergency Chrome 142 Update to Fix Multiple High-Risk Vulnerabilities
Google has rolled out an emergency update for its Chrome browser, version 142, to address a series of serious remote code execution (RCE) vulnerabilities that could allow attackers to take control of affected systems. The update, released on November 5, 2025, is being distributed gradually across desktop platforms, Windows, macOS, and Linux, as well as…
-
Google Issues Emergency Chrome 142 Update to Fix Multiple High-Risk Vulnerabilities
Google has rolled out an emergency update for its Chrome browser, version 142, to address a series of serious remote code execution (RCE) vulnerabilities that could allow attackers to take control of affected systems. The update, released on November 5, 2025, is being distributed gradually across desktop platforms, Windows, macOS, and Linux, as well as…
-
Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs
Tags: android, cyber, cybersecurity, google, infrastructure, iot, malicious, marketplace, mobile, threatCybersecurity threats targeting mobile devices and critical infrastructure have reached alarming new heights, according to Zscaler’s latest research. The latest findings from Zscaler, Inc. (NASDAQ: ZS) expose a sophisticated campaign by threat actors who have successfully infiltrated Google’s official app marketplace with hundreds of malicious applications. The company’s ThreatLabz 2025 Mobile, IoT, and OT Threat…
-
Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs
Tags: android, cyber, cybersecurity, google, infrastructure, iot, malicious, marketplace, mobile, threatCybersecurity threats targeting mobile devices and critical infrastructure have reached alarming new heights, according to Zscaler’s latest research. The latest findings from Zscaler, Inc. (NASDAQ: ZS) expose a sophisticated campaign by threat actors who have successfully infiltrated Google’s official app marketplace with hundreds of malicious applications. The company’s ThreatLabz 2025 Mobile, IoT, and OT Threat…
-
Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs
Tags: android, cyber, cybersecurity, google, infrastructure, iot, malicious, marketplace, mobile, threatCybersecurity threats targeting mobile devices and critical infrastructure have reached alarming new heights, according to Zscaler’s latest research. The latest findings from Zscaler, Inc. (NASDAQ: ZS) expose a sophisticated campaign by threat actors who have successfully infiltrated Google’s official app marketplace with hundreds of malicious applications. The company’s ThreatLabz 2025 Mobile, IoT, and OT Threat…
-
Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs
Tags: android, cyber, cybersecurity, google, infrastructure, iot, malicious, marketplace, mobile, threatCybersecurity threats targeting mobile devices and critical infrastructure have reached alarming new heights, according to Zscaler’s latest research. The latest findings from Zscaler, Inc. (NASDAQ: ZS) expose a sophisticated campaign by threat actors who have successfully infiltrated Google’s official app marketplace with hundreds of malicious applications. The company’s ThreatLabz 2025 Mobile, IoT, and OT Threat…
-
Securing the Open Android Ecosystem with Samsung Knox
Raise your hand if you’ve heard the myth, “Android isn’t secure.”Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security”, after all, work data is critical.However, outdated concerns can hold your business back from unlocking its full potential. The truth is, with…
-
Hundreds of Malware-Laden Apps Downloaded 42 Million Times From Google Play
Zscaler estimates 239 malicious Android apps made it onto the official Play store over the past year First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/apps-download-41-million-times/
-
Global Spies Use ZipperDown and Android Zero-Days for 1-Click Email Client RCE and Account Takeover
The post Global Spies Use ZipperDown and Android Zero-Days for 1-Click Email Client RCE and Account Takeover appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/global-spies-use-zipperdown-and-android-zero-days-for-1-click-email-client-rce-and-account-takeover/
-
Malicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-android-apps-on-google-play-downloaded-42-million-times/
-
Google fixed a critical remote code execution in Android
Google’s November 2025 Android update fixes two flaws in the System component, including a critical remote code execution issue. Google’s November 2025 Android security updates addressed two vulnerabilities impacting the System component. The fixes are included in the 2025-11-01 security patch level, the only patch level released this month by the IT giant. >>The most…
-
Android Zero-Click Flaw Lets Hackers Take Over Devices
A critical zero-click flaw in Android allows hackers to take over devices without user interaction, prompting Google to issue urgent security updates. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/android-zero-click-flaw-lets-hackers-take-over-devices/
-
Android Zero-Click Flaw Lets Hackers Take Over Devices
A critical zero-click flaw in Android allows hackers to take over devices without user interaction, prompting Google to issue urgent security updates. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/android-zero-click-flaw-lets-hackers-take-over-devices/
-
HerodotusBanking-Trojaner imitiert menschliches Verhalten
Der Herodotus-Android-Banking-Trojaner ist ein Beispiel für einen sich weiterentwickelnden Bedrohungsvektor, bei dem bösartiger Code zunehmend menschliches Verhalten imitiert. Beispielsweise werden subtile Pausen und Verzögerungen einfügt, um menschlich zu wirken und der Erkennung zu entgehen. Es veranschaulicht, wie Angreifer Automatisierung und künstliche Intelligenz nutzen, um legitime Benutzerinteraktionen nachzuahmen und so genau die Systeme zu umgehen, die…
-
HerodotusBanking-Trojaner imitiert menschliches Verhalten
Der Herodotus-Android-Banking-Trojaner ist ein Beispiel für einen sich weiterentwickelnden Bedrohungsvektor, bei dem bösartiger Code zunehmend menschliches Verhalten imitiert. Beispielsweise werden subtile Pausen und Verzögerungen einfügt, um menschlich zu wirken und der Erkennung zu entgehen. Es veranschaulicht, wie Angreifer Automatisierung und künstliche Intelligenz nutzen, um legitime Benutzerinteraktionen nachzuahmen und so genau die Systeme zu umgehen, die…
-
Android Hit by 0-Click RCE Vulnerability in Core System Component
Google has released an urgent security alert addressing a critical remote code execution vulnerability affecting Android devices worldwide. The vulnerability, tracked as CVE-2025-48593, exists in Android’s System component and requires no user interaction for exploitation, making it an exceptionally dangerous threat. The flaw affects Android versions 13 through 16 and demands immediate attention from device…
-
Android Malware Mutes Alerts, Drains Crypto Wallets
Android/BankBot-YNRK is currently targeting users in Indonesia by masquerading as legitimate applications. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/android-malware-mutes-alerts-drains-crypto-wallets
-
Android Apps misusing NFC and HCE to steal payment data on the rise
Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps abusing Near-Field Communication (NFC) and Host Card Emulation (HCE) to steal payment data and commit fraud, showing rapid growth in NFC relay attacks…
-
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices.According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment First seen on…

