Tag: android
-
Third-Party Android Vulnerability Leaves Over 50M Users Exposed
A flaw in the EngageLab SDK exposed 50 million Android users, allowing malicious apps to exploit trusted permissions and access sensitive data. The post Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-engagelab-sdk-android-vulnerability-malware-bridge/
-
Google rolls out Gmail endend encryption on mobile devices
Google says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-rolls-out-gmail-end-to-end-encryption-on-mobile-devices/
-
Gmail’s endend encryption comes to mobile, no extra apps required
Google has expanded Gmail client-side encryption to Android and iOS devices, allowing users to engage with their organization’s most sensitive data on mobile devices while … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/google-gmail-e2ee-mobile-devices/
-
EngageLab SDK flaw opens door to private data on 50M Android devices
A flaw in EngageLab SDK exposed up to 50M Android users, including 30M crypto wallets, letting apps bypass security and access private data. Microsoft researchers found a critical flaw in EngageSDK that lets apps bypass Android sandbox protections and access private data. The flaw put millions of users, including over 30M crypto wallet installs, at…
-
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East, in a hack”‘for”‘hire campaign linked to the BITTER APT group. The campaign has been active since at least 2022. It primarily targets civil society members and potentially government officials in countries…
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
Google API Keys Quietly Gain Access to Gemini on Android Devices
Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-api-keys-access-gemini/
-
Hackhire group caught targeting Android devices and iCloud backups
Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iCloud credentials and hack victims’ devices. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/hack-for-hire-group-caught-targeting-android-devices-and-icloud-backups/
-
‘Stop Texting’: FBI Warning Drives Apple’s iPhone Messaging Update
Apple is preparing encrypted RCS support for iPhone, a change that could make messaging with Android users more secure and reduce reliance on SMS. The post ‘Stop Texting’: FBI Warning Drives Apple’s iPhone Messaging Update appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-rcs-messaging-fbi-warning-sms-security/
-
Supply chain security is now a board-level issue: Here’s what CSOs need to know
Tags: access, android, attack, automation, best-practice, compliance, cybersecurity, edr, encryption, firewall, firmware, flaw, infrastructure, linux, mitigation, regulation, risk, sbom, software, supply-chain, switch, threat, tool, update, vulnerability, windows, zero-dayThe hidden complexity that drowns security teams: SBOMs are no longer used solely to track software licensing; they are key to managing supply chain security as they enable the identification and tracking of vulnerabilities across ecosystems.Finding a problem is just the start, you need to determine if the vulnerability affects your implementation. For example, if…
-
Critical Android Flaw Allows Zero-Interaction Denial-of-Service Attacks
Google has rolled out its April 2026 Android Security Bulletin, addressing multiple vulnerabilities across the mobile operating system. The most alarming discovery this month is a critical security flaw in the Android Framework that allows attackers to trigger a local denial-of-service (DoS) state. Notably, the exploit requires absolutely no user interaction and operates without needing…
-
Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads
NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices. The post Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-novoice-malware-android-google-play-50-apps/
-
AutoSecT Mobile: Automating Android and iOS Security Testing
Your banking app knows your face. It reads your fingerprint. It trusts that the person holding the phone is really you. But what if it’s wrong? Mobile-first banking has made financial services more accessible than ever. You can transfer money, pay bills, and apply for loans all from your phone, all in seconds. But this……
-
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems.The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while…
-
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems.The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while…
-
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems.The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while…
-
Which messaging app takes the most limited approach to permissions on Android?
Tags: androidMessaging apps handle sensitive conversations, contacts, and media, and their behavior on a device varies in ways that affect privacy. An analysis of Android versions of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/03/android-permissions-privacy-risks-research/
-
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week.Things are moving fast. The list includes researchers chaining small bugs together to create massive backdoors,…
-
Nur schwer löschbar: Android-Malware millionenfach über Google Play verteilt
Eine über den Google Play Store verbreitete Android-Malware nutzt alte Lücken aus, um tief ins System einzudringen. Anwender merken davon nichts. First seen on golem.de Jump to article: www.golem.de/news/nur-schwer-loeschbar-android-malware-millionenfach-ueber-google-play-verteilt-2604-207201.html
-
NoVoice on Google Play Exploits 22 Flaws to Hit Millions of Android Users
NoVoice is a new Android rootkit campaign that hid in more than 50 apps on Google Play, exploiting 22 vulnerabilities to hijack millions of older and unpatched Android devices and even clone WhatsApp sessions. The apps posed as everyday utilities such as cleaners, casual games, and gallery tools, and behaved normally to avoid raising suspicion.…
-
‘NoVoice’ Android malware on Google Play infected 2.3 million devices
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/novoice-android-malware-on-google-play-infected-23-million-devices/
-
Free VPNs leak your data while claiming privacy
Most free Android VPNs track users, request dangerous permissions, and connect to risky servers, privacy comes at a hidden cost. Free VPN apps are some of the most popular downloads on Android, promising privacy at no cost. But the reality is far from what they advertise. Most users tap “install” without a second thought, unaware…
-
Android Developer Verification Rollout Begins Ahead of September Enforcement
Google on Monday said it’s officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while “hiding behind anonymity.”The development comes ahead of a planned verification mandate that goes into effect in Brazil, Indonesia, Singapore, and Thailand this September, before it expands globally next year.As part…
-
Android developers just got a new verification layer
To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/android-developer-verification-requirement/
-
Android developers just got a new verification layer
To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/android-developer-verification-requirement/
-
Android 17 tweaks location privacy with one-time access
Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/30/android-location-privacy-features-control/
-
WhatsApp rolls out more AI features, iOS multi-account support
WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/whatsapp-rolls-out-more-ai-features-ios-multi-account-support/