Tag: mobile
-
Google Uncovers 90 Zero-Day Vulnerabilities Under Active Exploitation in 2025
Tags: cyber, cybersecurity, exploit, google, group, intelligence, mobile, software, threat, vulnerability, zero-dayGoogle Threat Intelligence Group (GTIG) reported 90 zero-day vulnerabilities actively exploited in the wild during 2025. While this total is slightly below the 2023 peak, it highlights a critical shift in the cybersecurity landscape, as attackers are increasingly abandoning generic browser exploits to target edge devices, enterprise software, and mobile operating systems.”‹ Shifting Targets and…
-
ThreatLocker CEO On How Zero Trust Expansion Makes It ‘Much Harder’ To Get Hacked
With the expansion of ThreatLocker’s deny-by-default approach to the cloud and mobile announced Thursday, the cybersecurity vendor is addressing one of the biggest challenges faced by MSPs today, CEO Danny Jenkins told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/threatlocker-ceo-on-how-zero-trust-expansion-makes-it-much-harder-to-get-hacked
-
Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court
A high court judge has ruled that police do not have to give reasons to lawyer, who acts for Hamas, why they seized his mobile phone data First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639704/Police-do-not-have-to-explain-to-lawyer-Fahad-Ansari-why-they-seized-his-phone-data-says-court
-
RedAlert Mobile Espionage Campaign Exploits Trojanized Rocket Alert App to Spy on Civilians
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing IsraelIran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of the Israeli Home Front Command’s official Rocket Alert application, aiming to harvest sensitive personal and geolocation data under the guise of legitimate security notifications. Researchers…
-
Zero-day in Android phone chips under active attack
Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639578/Zero-day-in-Android-phone-chips-under-active-attack
-
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
100-plus prebuilt tool recipes and a human-readable YAML-based extension system;Attack-chain graph, risk scoring, and “step-by-step replay”;Password-protected web user interfaces (UIs) and audit logs;A knowledge base with vector search, hybrid retrieval, and searchable archives;Vulnerability management with create, read, update, delete (CRUD) operations, severity tracking, status workflow, and statistics;Batch task management that can organize task queues and…
-
Western allies form 6G security coalition amid tech rivalry with China
The Global Coalition on Telecoms (GCOT), comprising the United Kingdom, United States, Canada, Japan and Australia, with Sweden and Finland joining at the launch, unveiled voluntary security and resilience principles for the technology at the Mobile World Congress trade show in Barcelona. First seen on therecord.media Jump to article: therecord.media/western-allies-form-6g-security-coalition
-
Motorola turns to GrapheneOS for smartphone security upgrade
Tags: mobileMotorola is strengthening smartphone security through a long-term partnership with the GrapheneOS Foundation, a mobile security nonprofit that develops a hardened operating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/02/motorola-grapheneos-foundation-partnership-on-mobile-security/
-
Motorola turns to GrapheneOS for smartphone security upgrade
Tags: mobileMotorola is strengthening smartphone security through a long-term partnership with the GrapheneOS Foundation, a mobile security nonprofit that develops a hardened operating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/02/motorola-grapheneos-foundation-partnership-on-mobile-security/
-
Motorola turns to GrapheneOS for smartphone security upgrade
Tags: mobileMotorola is strengthening smartphone security through a long-term partnership with the GrapheneOS Foundation, a mobile security nonprofit that develops a hardened operating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/02/motorola-grapheneos-foundation-partnership-on-mobile-security/
-
Security hole could let hackers take over Juniper Networks PTX core routers
The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush Sharma, CEO of Tuskira. “If an attacker gains control of a PTX, the impact is bigger than a single device compromise because it can become a traffic vantage point and a control point…
-
The Cyber Express Weekly Roundup: Space Security, Malware Regulatory Alerts
In this week’s edition of The Cyber Express weekly roundup, some interesting news and cybersecurity stories share an interesting shift in the cyber domain. Critical developments span space cybersecurity, AI vulnerabilities, mobile malware, and global regulatory enforcement, highlighting how digital threats are becoming more sophisticated and interconnected. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity-updates/
-
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long”‘lived surveillance platforms against journalists and civil society targets. Operating outside the Play Store ecosystem and requiring hands”‘on installation, it combines deep data collection with remote control features, including the ability to wipe a device on demand. RSF’s…
-
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long”‘lived surveillance platforms against journalists and civil society targets. Operating outside the Play Store ecosystem and requiring hands”‘on installation, it combines deep data collection with remote control features, including the ability to wipe a device on demand. RSF’s…
-
Claude Code Lets Users Control Terminal Sessions Remotely from Their Phones
Anthropic has unveiled a significant update to its Claude Code platform, introducing a new >>Remote Control<< feature. This capability allows developers to manage terminal sessions directly from their smartphones or remote web browsers, bridging the gap between desktop development and mobile accessibility. The feature is currently available in a Research Preview phase for Claude Max…
-
Steaelite RAT combines data theft and ransomware management capability in one tool
Tags: access, android, attack, authentication, awareness, business, corporate, credentials, crypto, cybercrime, data, ddos, defense, encryption, endpoint, extortion, infection, infosec, malware, mobile, monitoring, password, phishing, ransomware, rat, remote-code-execution, theft, threat, tool, training, windowsCSO that this isn’t the most sophisticated RAT he’s seen. “The novel aspect here,” he said, “is the convergence. Steaelite bundles remote access, credential harvesting, data exfiltration, and ransomware (currently in development) in a single package.” Traditionally, he explained, these capabilities have occupied different parts of the cybercrime toolchain, but Steaelite unifies the functions, giving…
-
Anthropic’s Remote Control feature brings Claude Code to mobile devices
Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/anthropic-remote-control-claude-code-feature/
-
ZeroDayRAT Targets Android and iOS Devices for Surveillance and Financial Data Theft
ZeroDayRAT targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel. The Malware-as-a-Service (MaaS) ecosystem is entering a new phase, blending mobile surveillance and financial crime into one seamless platform. Active promotions for this RAT (Remote Access Trojan) began on Telegram channels on February 2, 2026, highlighting its dual purpose: real-time spying and direct financial…
-
The Growing Risk of Malicious Apps in a Mobile-First Workplace
Malicious and risky mobile apps are exposing enterprise data. Learn why mobile-first workplaces need behavior-based app security visibility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-growing-risk-of-malicious-apps-in-a-mobile-first-workplace/
-
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-mental-health-apps-with-147m-installs-filled-with-security-flaws/
-
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
Patch, but verify first: Unit 42 directed organizations to Ivanti’s security advisory for remediation guidance, which recommends applying version-specific RPM patches for EPMM 12.x branches that require no appliance downtime. Ivanti cautioned, however, that the patch does not survive a version upgrade and must be reinstalled if the software is updated. “The permanent fix for…
-
Android Malware Taps Google Gemini at Runtime
Researchers Say PromptSpy Automates Persistence on Infected Devices. A newly discovered Android malware strain, PromptSpy, is using Google’s Gemini generative artificial intelligence model to automate part of its persistence mechanism, marking what researchers describe as the second known case of AI-driven mobile malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/android-malware-taps-google-gemini-at-runtime-a-30819
-
Google Blocks 1.75 Million Malicious Apps from Entering Play Store
Google has revealed that it blocked more than 1.75 million malicious or policy”‘violating Android apps from reaching users through the Play Store in 2025, highlighting a major AI”‘driven push to secure the mobile ecosystem against malware, fraud, and privacy abuse. More than 80,000 “bad” developer accounts were also banned, cutting off repeat offenders who tried…
-
The Cyber Express Weekly Roundup: AI Disruption, Regulatory Pressure, and the Evolving Cyber Threat Landscape
Artificial intelligence is no longer a future-facing concept; it is actively reshaping cyber risk, regulatory enforcement, and enterprise security strategy in real time. This week’s The Cyber Express weekly roundup reflects the modern environment where AI-driven fraud, deepfake investigations, ransomware incidents, and mobile malware innovations are unfolding simultaneously across multiple regions. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ai-deepfakes-ransomware-weekly-roundup/
-
PayPal launches latest struggle to get rid of SMS for MFA
Tags: authentication, ceo, ciso, communications, compliance, cybersecurity, email, finance, fraud, government, group, login, mfa, mobile, nfc, passkey, password, phishing, risk, service, strategy, switch, updateMuddled effort, mixed messages Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, says he’s “always found it odd” that PayPal still supports SMS as its primary secondary authentication factor.”Everyone in financial services and government has abandoned it for not being sufficiently secure and are moving to even phishing-resistant authentication, such as passkeys, Yubikeys,” he…
-
10 Passwordless-Optionen für Unternehmen
Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Passwörter sind seit Jahrzehnten der Authentifizierungsstandard für Computersysteme, obwohl sie sich immer wieder aufs Neue als anfällig für diverse Cyberangriffsformen erwiesen haben und kompromittierte Benutzerkonten auf regelmäßiger Basis zum Einfallstor für kriminelle Hacker werden. Ein Mittel für CISOs, um diesem Problem…
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Police arrests 651 suspects in African cybercrime crackdown
African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-651-suspects-in-african-cybercrime-crackdown/
-
Citizen Lab Finds Evidence of Mobile Data Extraction from Detained Kenyan Activist
Citizen Lab says it found forensic evidence that Cellebrite’s mobile extraction technology was used on a Samsung Android phone belonging to detained Kenyan activist and politician Boniface Mwangi while the device was in police custody in July 2025. The group warns the case highlights how high-powered forensic tools can be used to access sensitive personal…