Collecting Cyber-News from over 60 sources

Tag: android

TrickMo Android Malware Targets Banking, Wallet, and Authenticator Apps

May 12, 2026 8:18 AM

Tags: android, banking, cyber, fintech, malware, network

TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing entirely new user-facing functionality, the latest TrickMo variant focuses on backend improvements. The malware retains its core device takeover (DTO) capabilities but enhances stealth, persistence, and…
Google Says Hackers Used AI to Develop a Zero-Day Exploit

May 12, 2026 1:19 AM

Tags: ai, android, attack, backdoor, exploit, github, google, hacker, supply-chain, zero-day

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI. First seen on hackread.com Jump to article: hackread.com/google-hackers-used-ai-develop-zero-day-exploit/
iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users

May 11, 2026 10:19 PM

Tags: android, apple, encryption, iphone, service

Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/apple-ios-26-5-rcs-end-to-end-encryption-iphone-android/
TrickMo Variant Routes Android Trojan Traffic Through TON

May 11, 2026 6:18 PM

Tags: android, banking, network

ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/trickmo-c-ton-network-android/
TrickMo Android banker adopts TON blockchain for covert comms

May 11, 2026 5:20 PM

Tags: android, banking, blockchain, control, malware, network

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trickmo-android-banker-adopts-ton-blockchain-for-covert-comms/
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access

May 11, 2026 5:20 PM

Tags: access, android, cve, cyber, exploit, flaw, github, google, remote-code-execution, vulnerability

Public references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multiple security reports describe the issue as a no-interaction remote code execution vulnerability in Android’s adbd…
Product showcase: NetGuard open-source firewall for Android

May 8, 2026 7:48 AM

Tags: android, firewall, Internet, open-source, phone, service, vpn

NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allow VPN services to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/08/product-showcase-netguard-open-source-firewall-android/
From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks

May 7, 2026 1:48 PM

Tags: android, attack, botnet, ddos, iot, router

A new Mirai”‘based botnet, xlabs_v1, hijacks ADB”‘exposed IoT devices for powerful DDoS attacks, with 21 flooding methods and DDoS”‘for”‘hire use. A new Mirai”‘derived botnet called xlabs_v1 is hijacking internet”‘exposed devices running Android Debug Bridge (ADB) and using them for large”‘scale DDoS attacks. Hunt.io discovered the bot on an unsecured server, it includes 21 flood techniques…
CallPhantom Android scam reached 7.3 million downloads on Google Play

May 7, 2026 11:48 AM

Tags: android, google, india, phone, scam

Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records tied to a phone … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/07/callphantom-android-scam-google-play/
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

May 6, 2026 11:50 PM

Tags: android, attack, botnet, cybersecurity, data-breach, ddos, exploit, Internet, iot, malware, network, service

Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks.Hunt.io, which detailed the malware, said it made the discovery after identifying an exposed directory on a Netherlands-hosted First seen on…
FEMITBOT Network Exploits Telegram Mini Apps to Spread Crypto Scams and Android Malware

May 6, 2026 3:47 PM

Tags: android, credentials, crypto, cyber, exploit, fraud, login, malware, network, scam, social-engineering, tool

A large-scale fraud and malware operation called FEMITBOT that abuses Telegram Mini Apps to steal cryptocurrency and infect Android devices. The campaign shows how trusted in-app web experiences can be turned into powerful tools for social engineering and credential theft. Telegram Mini Apps are lightweight web applications that run inside Telegram, offering seamless login, payments,…
Microsoft Teams on Android Now Lets Users Join External Meetings Through SIP

May 6, 2026 2:48 PM

Tags: android, communications, conference, cyber, microsoft, update

Microsoft is set to bridge the gap in enterprise unified communications with a highly anticipated update to its conference room hardware. Starting in June 2026, Microsoft Teams Rooms on Android will officially support joining third-party external meetings through Session Initiation Protocol (SIP). This strategic development aims to deliver seamless cross-platform interoperability for organizations relying on…
Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

May 6, 2026 12:48 PM

Tags: android, attack, google, supply-chain

Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks.”This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute,” Google’s product and security teams said.The initiative builds upon the foundation of Pixel Binary Transparency, which Google…
Chrome on Android can now hide your exact location from websites

May 6, 2026 10:49 AM

Tags: android, browser, chrome, control, google, privacy

Google is improving location privacy features that give users more control over sharing their location. On Chrome for Android, users can now choose to share their approximate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/06/google-chrome-android-hide-location/
Google expands Android Binary Transparency to counter supply chain attacks

May 6, 2026 8:49 AM

Tags: ai, android, attack, google, government, mobile, phone, software, supply-chain

Supply chain attacks on mobile software have grown alongside the expanding role of phones in daily life, from payments to government IDs to AI features. Google is responding … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/06/google-android-binary-transparency/
Ein falsches Spiel: ScarCruft kompromittiert Spieleplattform in einer Supply-Chain-Attacke

May 6, 2026 8:49 AM

Tags: android, apt, backdoor, cyberattack, supply-chain, windows

ESET-Forscher haben einen anhaltenden Angriff der APT-Gruppe ScarCruft aufgedeckt, der Windows- und Android-Spiele mit Backdoors gegen Bewohner der chinesischen Region Yanbian einsetzt. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/ein-falsches-spiel-scarcruft-kompromittiert-spieleplattform-in-einer-supply-chain-attacke/
North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware

May 6, 2026 5:48 AM

Tags: android, backdoor, china, cybersecurity, hacker, malware, north-korea

Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-target-ethnic-koreans-in-china
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch

May 5, 2026 11:47 PM

Tags: android, flaw, update, windows

Meta patched two WhatsApp flaws affecting iOS, Android, and Windows users, including bugs tied to risky files, links, and Reels previews. The post New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-users-update-meta-security-flaws/
Google Update: Android Flaw Could Put Billions of Devices at Risk

May 5, 2026 11:47 PM

Tags: android, flaw, google, mobile, rce, remote-code-execution, risk, update

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch

May 5, 2026 10:48 PM

Tags: android, flaw, update, windows

Meta patched two WhatsApp flaws affecting iOS, Android, and Windows users, including bugs tied to risky files, links, and Reels previews. The post New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-users-update-meta-security-flaws/
Google Update: Android Flaw Could Put Billions of Devices at Risk

May 5, 2026 10:48 PM

Tags: android, flaw, google, mobile, rce, remote-code-execution, risk, update

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch

May 5, 2026 9:48 PM

Tags: android, flaw, update, windows

Meta patched two WhatsApp flaws affecting iOS, Android, and Windows users, including bugs tied to risky files, links, and Reels previews. The post New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-users-update-meta-security-flaws/
Google Update: Android Flaw Could Put Billions of Devices at Risk

May 5, 2026 9:48 PM

Tags: android, flaw, google, mobile, rce, remote-code-execution, risk, update

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
Critical Android vulnerability CVE-2026-0073 fixed by Google

May 5, 2026 5:49 PM

Tags: android, cve, flaw, google, remote-code-execution, update, vulnerability

Google patched a critical Android flaw (CVE”‘2026″‘0073) that lets attackers run code remotely without user action. Google released a security update for Android to address a critical remote code execution flaw, tracked as CVE”‘2026″‘0073, in the System component. The bug allowed attackers to run code as the shell user without needing extra permissions, or any…
Google to pay up to $1.5 million for zero-click Pixel Titan M exploits

May 5, 2026 5:49 PM

Tags: android, browser, chrome, exploit, google, Hardware, vulnerability

Google has revised its Android and Chrome Vulnerability Reward Programs (VRPs), which pay security researchers to report vulnerabilities in Android, Google hardware, and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/google-vulnerability-reward-program-android-chrome-pixel/
North Korean APT Targets Yanbian Gamers via Trojanized Platform

May 5, 2026 5:49 PM

Tags: android, apt, attack, hacker, north-korea, software, spy, windows

ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply”‘chain attack, trojanizing Windows and Android software to spy on users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/
Android Zero-Click RCE Vulnerability Enables Remote Shell Access

May 5, 2026 4:49 PM

Tags: android, flaw, rce, remote-code-execution, vulnerability

A patched Android RCE flaw allows nearby attackers to gain zero-click remote shell access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/android-zero-click-rce-vulnerability-enables-remote-shell-access/
ScarCruft Targets Gaming Platform With Windows, Android Backdoors

May 5, 2026 4:49 PM

Tags: android, apt, attack, backdoor, china, cyber, group, korea, north-korea, supply-chain, windows

A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
Google now offers up to $1.5 million for some Android exploits

May 5, 2026 2:48 PM

Tags: ai, android, browser, chrome, exploit, flaw, google, intelligence, vulnerability

Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-now-offers-up-to-15-million-for-some-android-exploits/
Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control

May 5, 2026 2:48 PM

Tags: android, control, cyber, google, service, theft

Cerberus Anti-theft, a long-running Android “security” app, is operating as full-featured stalkerware on Google Play, abusing accessibility services and Google Firebase to give abusers near-total remote control over victims’ phones. Once installed, Cerberus lets an abuser push a custom lock”‘screen notification to the victim’s device from a web dashboard at cerberusapp.com or a paired smartwatch.…