Tag: android
-
WhatsApp adds message translation to iPhone and Android apps
WhatsApp has started rolling out a new translation feature that enables Android and iPhone users to translate messages in chats, groups, and channel updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-adds-message-translation-to-iphone-and-android-apps/
-
OnePlus leaves researchers on read over Android bug that exposes texts
Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won’t pick up First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/rapid7_oneplus_android_bug/
-
Alle Android-Versionen betroffen: Samsung patcht gefährliche Whatsapp-Sicherheitslücke
First seen on t3n.de Jump to article: t3n.de/news/android-samsung-sicherheitsluecke-whatsapp-1707544/
-
1 in 3 Android Apps Leak Sensitive Data
One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-apps-leak-sensitive-data/
-
Millionenfach installiert: 224 Malware-nachladende Apps bei Google Play entdeckt
Die Android-Malware hat täglich Klicks auf Milliarden versteckter Werbeanzeigen ausgeführt – zur Bereicherung der Angreifer. First seen on golem.de Jump to article: www.golem.de/news/millionenfach-installiert-224-malware-nachladende-apps-bei-google-play-entdeckt-2509-200171.html
-
Google Play Flooded With 224 Malicious Apps, 38 Million Downloads Deliver Malware
A global ad fraud and click fraud operation, dubbed SlopAds, comprising 224 Android apps that collectively amassed more than 38 million downloads across 228 countries and territories. Under the guise of AI-themed utilities, these apps employ advanced obfuscation techniques”, such as steganography and hidden WebViews”, to deliver a fraud payload that generates billions of ad…
-
Google nukes 224 Android malware apps behind massive ad fraud campaign
A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-nukes-224-android-malware-apps-behind-massive-ad-fraud-campaign/
-
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories.”These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks,” HUMAN’s Satori Threat Intelligence and…
-
‘SlopAds’ Fraud Campaign Uses Novel Obfuscation Techniques
Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad Fraud. A cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store. First…
-
Samsung’s image library flaw opens a zero-click backdoor
Patch now or risk a backdoor: A September 2025 Release 1 patch addresses the flaw that affects devices running Android versions 13 through 16. “Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in the disclosure.For enterprises, CVE-2025-21043 is more than a personal device issueit…
-
Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks
Samsung patched CVE-2025-21043, a critical flaw in its Android devices exploited in live attacks. Users urged to install September 2025 update. First seen on hackread.com Jump to article: hackread.com/samsung-android-image-parsing-vulnerability-attacks/
-
Android-Trojaner RatOn: Automatische Überweisungen an Hacker Krypto-Diebstahl im Doppelpack
Neuer Android-Trojaner RatOn bringt automatische Überweisungen, Krypto-Klau & Fake-Ransomware. ThreatFabric deckt die Kampagne auf. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/android-trojaner-raton-automatische-ueberweisungen-an-hacker-krypto-diebstahl-im-doppelpack-320681.html
-
Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages
A similar vuln on Apple devices was used against ‘specific targeted users’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/12/samsung_fixes_android_0day/
-
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks
Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks.The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution.”Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to First…
-
Samsung fixed actively exploited zero-day
Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit…
-
Samsung patches actively exploited zero-day reported by WhatsApp
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-patches-actively-exploited-zero-day-reported-by-whatsapp/
-
Pixel 10 fights AI fakes with new Android photo verification tech
Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with artificial intelligence technology. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pixel-10-fights-ai-fakes-with-new-android-photo-verification-tech/
-
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn evolved from a basic tool capable of conducting Near Field Communication (NFC) attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud.”RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,” the Dutch…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
Tor Project veröffentlicht Beta von Android VPN-App
Das Tor-Projekt hat gerade die Beta-Version einer VPN-App für Android freigegeben. Die App ermöglicht es, den Internetverkehr über das Tor-Netzwerk zu routen. Ich bin gestern über nachfolgenden BlueSky-Post auf den Sachverhalt gestoßen. Die Beta-Version der VPN-App ist im Google Play … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/tor-project-veroeffentlicht-beta-von-android-vpn-app/
-
Early Access: The Tor Project startet eigene VPN-App für Android
Die Schöpfer des Tor-Netzwerkes mischen den VPN-Markt mit einer neuen App auf. Interessierte dürfen schon testen, sollten aber vorsichtig bleiben. First seen on golem.de Jump to article: www.golem.de/news/android-the-tor-project-startet-eigene-vpn-app-als-beta-2509-199910.html
-
Tor Project veröffentlicht Beta von Android VPN-App
Das Tor-Projekt hat gerade die Beta-Version einer VPN-App für Android freigegeben. Die App ermöglicht es, den Internetverkehr über das Tor-Netzwerk zu routen. Ich bin gestern über nachfolgenden BlueSky-Post auf den Sachverhalt gestoßen. Die Beta-Version der VPN-App ist im Google Play … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/tor-project-veroeffentlicht-beta-von-android-vpn-app/
-
The Tor Project startet eigene VPN-App als Beta
Die Schöpfer des Tor-Netzwerkes mischen den VPN-Markt mit einer neuen App auf. Interessierte dürfen schon testen, sollten aber vorsichtig bleiben. First seen on golem.de Jump to article: www.golem.de/news/android-the-tor-project-startet-eigene-vpn-app-als-beta-2509-199910.html
-
Nextcloud: Datenschutzkritischer Bug in Android-App?
Tags: androidIn der Android-App für Nextcloud gibt es wohl einen Bug, der im Hinblick auf Datenschutz nicht unkritisch ist. Uploads von Medieninhalten werden auf verschiedene Ordner verteilt, auch wenn der Nutzer das gar nicht so vorgesehen hat. Nextcloud und die Android-App … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/nextcloud-datenschutzkritischer-bug-in-android-app/
-
Nextcloud: Datenschutzkritischer Bug in Android-App?
Tags: androidIn der Android-App für Nextcloud gibt es wohl einen Bug, der im Hinblick auf Datenschutz nicht unkritisch ist. Uploads von Medieninhalten werden auf verschiedene Ordner verteilt, auch wenn der Nutzer das gar nicht so vorgesehen hat. Nextcloud und die Android-App … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/nextcloud-datenschutzkritischer-bug-in-android-app/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean APT37 targeting South Korea Three Lazarus RATs coming for your cheese Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide Android Droppers: The Silent…
-
Over 143,000 Malware Files Target Android and iOS Users in Q2 2025
In the second quarter of 2025, users of Android and iOS devices faced relentless cyberthreats, with Kaspersky Security Network reporting nearly 143,000 malicious installation packages detected across its mobile security products. Although the overall number of mobile attacks”, including malware, adware, and potentially unwanted software”, dropped to 10.71 million in Q2, Trojans remained the predominant…
-
7 Best Password Managers (2025), Tested and Reviewed
Keep your logins locked down with our favorite password management apps for PC, Mac, Android, iPhone, and web browsers. First seen on wired.com Jump to article: www.wired.com/story/best-password-managers/
-
U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog
Tags: android, cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, linux, update, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Sitecore, Android, and Linux to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week, Google released security updates to address 120 Android…