Tag: mobile
-
Security hole could let hackers take over Juniper Networks PTX core routers
The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush Sharma, CEO of Tuskira. “If an attacker gains control of a PTX, the impact is bigger than a single device compromise because it can become a traffic vantage point and a control point…
-
The Cyber Express Weekly Roundup: Space Security, Malware Regulatory Alerts
In this week’s edition of The Cyber Express weekly roundup, some interesting news and cybersecurity stories share an interesting shift in the cyber domain. Critical developments span space cybersecurity, AI vulnerabilities, mobile malware, and global regulatory enforcement, highlighting how digital threats are becoming more sophisticated and interconnected. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity-updates/
-
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long”‘lived surveillance platforms against journalists and civil society targets. Operating outside the Play Store ecosystem and requiring hands”‘on installation, it combines deep data collection with remote control features, including the ability to wipe a device on demand. RSF’s…
-
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long”‘lived surveillance platforms against journalists and civil society targets. Operating outside the Play Store ecosystem and requiring hands”‘on installation, it combines deep data collection with remote control features, including the ability to wipe a device on demand. RSF’s…
-
Claude Code Lets Users Control Terminal Sessions Remotely from Their Phones
Anthropic has unveiled a significant update to its Claude Code platform, introducing a new >>Remote Control<< feature. This capability allows developers to manage terminal sessions directly from their smartphones or remote web browsers, bridging the gap between desktop development and mobile accessibility. The feature is currently available in a Research Preview phase for Claude Max…
-
Steaelite RAT combines data theft and ransomware management capability in one tool
Tags: access, android, attack, authentication, awareness, business, corporate, credentials, crypto, cybercrime, data, ddos, defense, encryption, endpoint, extortion, infection, infosec, malware, mobile, monitoring, password, phishing, ransomware, rat, remote-code-execution, theft, threat, tool, training, windowsCSO that this isn’t the most sophisticated RAT he’s seen. “The novel aspect here,” he said, “is the convergence. Steaelite bundles remote access, credential harvesting, data exfiltration, and ransomware (currently in development) in a single package.” Traditionally, he explained, these capabilities have occupied different parts of the cybercrime toolchain, but Steaelite unifies the functions, giving…
-
Anthropic’s Remote Control feature brings Claude Code to mobile devices
Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/anthropic-remote-control-claude-code-feature/
-
ZeroDayRAT Targets Android and iOS Devices for Surveillance and Financial Data Theft
ZeroDayRAT targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel. The Malware-as-a-Service (MaaS) ecosystem is entering a new phase, blending mobile surveillance and financial crime into one seamless platform. Active promotions for this RAT (Remote Access Trojan) began on Telegram channels on February 2, 2026, highlighting its dual purpose: real-time spying and direct financial…
-
The Growing Risk of Malicious Apps in a Mobile-First Workplace
Malicious and risky mobile apps are exposing enterprise data. Learn why mobile-first workplaces need behavior-based app security visibility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-growing-risk-of-malicious-apps-in-a-mobile-first-workplace/
-
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-mental-health-apps-with-147m-installs-filled-with-security-flaws/
-
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
Patch, but verify first: Unit 42 directed organizations to Ivanti’s security advisory for remediation guidance, which recommends applying version-specific RPM patches for EPMM 12.x branches that require no appliance downtime. Ivanti cautioned, however, that the patch does not survive a version upgrade and must be reinstalled if the software is updated. “The permanent fix for…
-
Android Malware Taps Google Gemini at Runtime
Researchers Say PromptSpy Automates Persistence on Infected Devices. A newly discovered Android malware strain, PromptSpy, is using Google’s Gemini generative artificial intelligence model to automate part of its persistence mechanism, marking what researchers describe as the second known case of AI-driven mobile malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/android-malware-taps-google-gemini-at-runtime-a-30819
-
Google Blocks 1.75 Million Malicious Apps from Entering Play Store
Google has revealed that it blocked more than 1.75 million malicious or policy”‘violating Android apps from reaching users through the Play Store in 2025, highlighting a major AI”‘driven push to secure the mobile ecosystem against malware, fraud, and privacy abuse. More than 80,000 “bad” developer accounts were also banned, cutting off repeat offenders who tried…
-
The Cyber Express Weekly Roundup: AI Disruption, Regulatory Pressure, and the Evolving Cyber Threat Landscape
Artificial intelligence is no longer a future-facing concept; it is actively reshaping cyber risk, regulatory enforcement, and enterprise security strategy in real time. This week’s The Cyber Express weekly roundup reflects the modern environment where AI-driven fraud, deepfake investigations, ransomware incidents, and mobile malware innovations are unfolding simultaneously across multiple regions. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ai-deepfakes-ransomware-weekly-roundup/
-
PayPal launches latest struggle to get rid of SMS for MFA
Tags: authentication, ceo, ciso, communications, compliance, cybersecurity, email, finance, fraud, government, group, login, mfa, mobile, nfc, passkey, password, phishing, risk, service, strategy, switch, updateMuddled effort, mixed messages Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, says he’s “always found it odd” that PayPal still supports SMS as its primary secondary authentication factor.”Everyone in financial services and government has abandoned it for not being sufficiently secure and are moving to even phishing-resistant authentication, such as passkeys, Yubikeys,” he…
-
10 Passwordless-Optionen für Unternehmen
Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Passwörter sind seit Jahrzehnten der Authentifizierungsstandard für Computersysteme, obwohl sie sich immer wieder aufs Neue als anfällig für diverse Cyberangriffsformen erwiesen haben und kompromittierte Benutzerkonten auf regelmäßiger Basis zum Einfallstor für kriminelle Hacker werden. Ein Mittel für CISOs, um diesem Problem…
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Citizen Lab Finds Evidence of Mobile Data Extraction from Detained Kenyan Activist
Citizen Lab says it found forensic evidence that Cellebrite’s mobile extraction technology was used on a Samsung Android phone belonging to detained Kenyan activist and politician Boniface Mwangi while the device was in police custody in July 2025. The group warns the case highlights how high-powered forensic tools can be used to access sensitive personal…
-
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft.The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications.”This new threat, while First…
-
Public mobile networks are being weaponized for combat drone operations
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircrafts. The attack involved more than 100 drones … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/enea-mobile-connected-drones-report/
-
Public mobile networks are being weaponized for combat drone operations
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircrafts. The attack involved more than 100 drones … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/enea-mobile-connected-drones-report/
-
Keenadu: Android malware that comes preinstalled and can’t be removed by users
Embedded in core system apps: Keenadu can control legitimate system applications on affected devices. Kaspersky observed it inside critical components such as face unlock applications, raising the possibility that attackers could access biometric data. The malware was also found operating within the home screen app that controls the device’s primary interface.The researchers warned that the…
-
Critical Ivanti EPMM Zero-Day Vulnerabilities Exploited in the Wild, Targeting Corporate Networks
Tags: control, corporate, cve, cyber, data-breach, endpoint, exploit, ivanti, mobile, network, remote-code-execution, vulnerability, zero-dayTwo critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, are being actively exploited to compromise enterprise mobile fleets and corporate networks. Both are remote code execution (RCE) vulnerabilities that allow unauthenticated attackers to run arbitrary commands on exposed EPMM servers, effectively giving them full control of the mobile device…
-
Poland arrests suspect linked to Phobos ransomware operation
Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware group and seized computers and mobile phones containing stolen credentials, credit card numbers, and server access data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poland-arrests-suspect-linked-to-phobos-ransomware-operation/
-
Mobile Mitarbeiter, neue Tools und Zugriffe absichern – Sophos kündigt Workspace Protection für hybrides Arbeiten an
First seen on security-insider.de Jump to article: www.security-insider.de/sophos-kuendigt-workspace-protection-fuer-hybrides-arbeiten-an-a-3f2ad24a34094da223bac0ebaafd0dfe/
-
QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices
QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in”‘app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes for payments, menus and app downloads, these attacks often bypass enterprise protections by shifting the interaction onto less”‘protected personal…
-
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices.”The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully…