Tag: mobile
-
Trump Mobile confirms exposure of customer data
First seen on scworld.com Jump to article: www.scworld.com/brief/trump-mobile-confirms-exposure-of-customer-data
-
Trump Mobile phone provider reportedly leaking customer data
First seen on scworld.com Jump to article: www.scworld.com/brief/trump-mobile-phone-provider-leaking-customer-data
-
Darwinium updates mobile SDKs to detect in-session fraud and account farming
First seen on scworld.com Jump to article: www.scworld.com/brief/darwinium-updates-mobile-sdks-to-detect-in-session-fraud-and-account-farming
-
Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses
President Trump’s branded cell phone maker and cell provider said the exposure was linked to a third-party platform, and was evaluating whether it needs to notify customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/22/trump-mobile-confirms-it-exposed-customers-personal-data-including-phone-numbers-and-home-addresses/
-
Android Malware Secretly Signs Users Up for Premium Services
Android users are being targeted by a large-scale malware campaign that silently subscribes victims to premium mobile services without their knowledge. The malware campaign focuses on carrier billing fraud, abusing premium SMS services to generate revenue for attackers. What makes this operation particularly dangerous is its ability to target victims based on their mobile operator…
-
Discord Enables EndEnd Encryption by Default Across Voice and Video Features
Discord has officially enabled end-to-end encryption (E2EE) by default for all voice and video communications across its platform, marking a significant shift in user privacy and secure communications. The announcement, made on May 18, 2026, confirms that every voice and video call on Discord, across desktop, mobile, web browsers, and gaming consoles, is now protected…
-
Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/product-showcase-bitdefender-mobile-security-for-ios/
-
Customers say Trump Mobile is leaking their personal information
Trump Mobile is leaking customers’ email and home addresses, but has not responded to people alerting the company of the data exposure, according to two YouTubers who said they verified that their leaked data is authentic. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/20/customers-say-trump-mobile-is-leaking-their-personal-information/
-
(g+) Zero Trust: Abschied vom klassischen Perimeter
Homeoffice, Cloud und mobile Geräte sprengen alte Security-Konzepte – Zero Trust verspricht maximale Sicherheit für die geänderten Rahmenbedingungen. First seen on golem.de Jump to article: www.golem.de/news/zero-trust-abschied-vom-klassischen-perimeter-2605-208812.html
-
The hidden smart fridge risks that emerge years after purchase
Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not. A new analysis from Erik Buchmann at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/iot-smart-fridge-risks/
-
Ivanti customers confront yet another actively exploited zero-day
Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product. First seen on cyberscoop.com Jump to article: cyberscoop.com/ivanti-epmm-zero-day-vulnerability-exploited/
-
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973 (CVSS score of 7.1), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti warns customers…
-
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.It allows “a remotely authenticated user with administrative access to achieve remote code…
-
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Tags: attack, endpoint, exploit, flaw, ivanti, mobile, remote-code-execution, update, vulnerability, zero-dayIvanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, trainingFernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go.Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
CloudZ RAT Exploits Microsoft Phone Link to Steal SMS OTPs
CloudZ is a new modular remote access trojan that abuses Microsoft’s built”‘in Phone Link feature to steal SMS one”‘time passwords (OTPs) and other mobile notifications directly from Windows PCs, without infecting the phone itself. Microsoft Phone Link (formerly “Your Phone”) is integrated into Windows 10 and 11 to mirror smartphone SMS messages, application notifications, call…
-
Google expands Android Binary Transparency to counter supply chain attacks
Supply chain attacks on mobile software have grown alongside the expanding role of phones in daily life, from payments to government IDs to AI features. Google is responding … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/06/google-android-binary-transparency/
-
Kochava Will Stop Selling ‘Sensitive Location’ Info
Litigation Initiated by the US FTC Leads to Settlement Restricting Data Broker. The Federal Trade Commission has banned an Idaho-based data broker from selling sensitive location data gathered from hundreds of millions of individuals’ mobile devices without their knowledge or consent. The proposed order ends several years of legal sparring between Kochava and the FTC.…
-
Google Update: Android Flaw Could Put Billions of Devices at Risk
Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
-
Google Update: Android Flaw Could Put Billions of Devices at Risk
Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
-
Google Update: Android Flaw Could Put Billions of Devices at Risk
Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk. The post Google Update: Android Flaw Could Put Billions of Devices at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-zero-click-rce-patch/
-
FTC to ban data broker Kochava from selling Americans’ location data
The FTC will ban data broker Kochava and its subsidiary, Collective Data Solutions (CDS), from selling location data without consumers’ explicit consent to settle charges alleging that it sold precise geolocation data collected from hundreds of millions of mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ftc-to-ban-data-broker-kochava-from-selling-americans-location-data/
-
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloudz-malware-abuses-microsoft-phone-link-to-steal-sms-and-otps/
-
Smishing at Scale: What Our Expert Panel Revealed About the Mobile Phishing Supply Chain
Recap of the live panel hosted by Constella and WMC Global on April 30, 2026 â–¶ Watch the full recording If you’ve gotten a text recently warning you about an unpaid toll, a missed delivery, or suspicious activity on your bank account, you’ve interacted, however briefly, with one of the most sophisticated fraud… First seen…
-
Your work apps are quietly handing 19 data points to someone
Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/04/workplace-apps-data-collection-privacy/
-
Fake CAPTCHA Scam Uses SMS Pumping to Inflate Phone Bills
A newly uncovered cyber fraud campaign is abusing fake CAPTCHA pages to trick mobile users into sending large volumes of international SMS messages, resulting in unexpected phone bills and illicit profits for attackers. Unlike traditional malware campaigns, this operation does not require installing malicious software. Instead, it exploits telecom billing systems and affiliate revenue models…
-
Product showcase: SimpleX Chat removes user identifiers from messaging
SimpleX Chat is a free, private, open-source messenger that uses encryption and does not require user identifiers. It is available on mobile and desktop platforms, including … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/product-showcase-simplex-chat-secure-messaging/
-
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers.According to a new report published by Infoblox, the operation is believed…
-
7 Passkey Deployment Lessons from eBay, HubSpot, Revolut, and VicRoads
7 proven passkey deployment lessons from eBay, HubSpot, Revolut, and VicRoads. Covers enrollment design, mobile-first strategy, account recovery UX, device rotation handling, and the login success rate metric that actually predicts FIDO2 rollout success. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/7-passkey-deployment-lessons-from-ebay-hubspot-revolut-and-vicroads/