Apple is urging users to update immediately after patching a zero-day vulnerability that was exploited in what it described as “extremely sophisticated” attacks against specific individuals. The flaw, which impacts multiple Apple operating systems, allowed attackers to execute arbitrary code on vulnerable devices. “An attacker with memory write capability may be able to execute arbitrary…
Category: Mobile
AI, Android, Breaking News, cyber crime, Exploits, Global Security News, malware, Mobile
ZeroDayRAT spyware grants attackers total access to mobile devices
ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit that gives attackers full control over Android and iOS devices. It supports live camera access, keylogging, and theft of banking and crypto data. First spotted…
Global Security News, Mobile, Security
ZeroDayRAT malware grants full access to Android, iOS devices
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices. […]
AI, Apps, Breaking News, china, Endpoint, Exploits, Global Security News, hacking, malware, Mobile, Network Security, Security
DKnife toolkit abuses routers to spy and deliver malware since 2019
DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware in cyber-espionage attacks. Cisco Talos found DKnife, a powerful Linux toolkit that threat actors use to spy on and control network traffic through routers and edge devices. It inspects and alters data in transit and installs malware on PCs, phones,…
Global Security News, Mobile, Security
Hugging Face abused to spread thousands of Android malware variants
A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services. […]
Breaking News, Global Security News, hacking, information security news, Mobile, Security
WhatsApp rolls out Strict Account settings to strengthen protection for high-risk users
Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks. Meta announced new Strict Account Settings on WhatsApp to enhance the security of high-risk users from advanced, targeted cyber attacks. “Strict Account Settings is one of many ways we’re working to protect you from the most sophisticated of…
Artificial Intelligence, cyber crime, Global Security News, malware, Mobile, Security
Machine learning–powered Android Trojans bypass script-based Ad Click detection
A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered a new Android click-fraud trojan family that uses TensorFlow.js ML models to visually detect and tap ads, avoiding traditional script-based methods. The malware is distributed via Xiaomi’s GetApps, it…
Global Security News, Mobile, Technology
Verizon starts issuing $20 credits after nationwide outage
Verizon has begun sending text messages with instructions on how to redeem a $20 account credit for last week’s nationwide wireless outage. […]
Global Security News, Mobile, Technology
Verizon blames nationwide outage on a “software issue”
Verizon has confirmed that yesterday’s nationwide wireless outage was caused by a software issue, though the company has not shared additional details about what went wrong. […]
Global Security News, Mobile, Technology
Verizon Wireless outage puts phones in SOS mode without cell service
Verizon Wireless is suffering a massive outage in the US, with customers reporting their phones stuck in SOS mode with no cellular service. […]
Android, Breaking News, Global Security News, Mobile, Security
Google fixes critical Dolby Decoder bug in Android January update
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to…
Global Security News, Mobile, Security
Cellik Android malware builds malicious versions from Google Play apps
A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store. […]
Global Security News, Microsoft, Mobile, Software
Microsoft to block Exchange Online access for outdated mobile devices
Microsoft announced on Monday that it will soon block mobile devices running outdated email software from accessing Exchange Online services until they’re updated. […]
Exploits, Global Security News, hacking, Mobile, Reports, Security
CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use
The CERT-FR (French Computer Emergency Response Team) is advising iPhone and Android users to fully disable Wi-Fi to reduce risk. CERT-FR warns iPhone and Android users to fully disable Wi-Fi to reduce exposure, citing multiple vulnerabilities across wireless interfaces, apps, OSs, and even hardware. The agency reiterates basic hygiene: install apps only from official stores, review…
Apple, Breaking News, Exploits, Global Security News, Google, hacking, Mobile
Emergency fixes deployed by Google and Apple after targeted attacks
Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates after uncovering a highly targeted attacks against an unknown number of users. The attacks abused zero‑day vulnerabilities in their software. The campaign appears to involve nation-state…
Global Security News, Mobile, Security
New DroidLock malware locks Android devices and demands a ransom
A new Android malware called DroidLock has emerged with capabilities to lock screens for ransom payments, erase data, access text messages, call logs, contacts, and audio data. […]
Asia Pacific, Breaking News, Cyber warfare, Global Security News, hacking, intelligence, Mobile
BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details on BRICKSTORM, a backdoor used by China state-sponsored threat actors to gain and maintain long-term persistence on compromised systems, highlighting ongoing PRC cyber-espionage activity. “The Cybersecurity…
Global Security News, Google, Mobile, North America, Security
Google expands Android scam protection feature to Chase, Cash App in U.S.
Google is expanding support for its Android’s in-call scam protection to multiple banks and financial applications in the United States. […]
Breaking News, Exploits, Global Security News, hacking, India, Laws and regulations, Mobile
India mandates SIM-linked messaging apps to fight rising fraud
India ordered messaging apps to work only with active SIM cards linked to users’ phone numbers to curb fraud and misuse. India’s Department of Telecommunications (DoT) now requires providers of messaging apps to work only with active SIM cards linked to users’ numbers to prevent fraud and misuse. “The Department of Telecommunications (DoT) has observed that some…
Exploits, Global Security News, Google, Mobile, Security
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks. […]
Android, Breaking News, Exploits, Global Security News, hacking, Mobile, Security
Google’s latest Android security update fixes two actively exploited flaws
Google’s latest Android security update fixes 107 flaws across multiple components, including two vulnerabilities actively exploited in the wild. Google’s new Android update patches 107 vulnerabilities, including two already exploited in the wild, across system, kernel, and major vendor components. Here’s a concise summary under 160 characters: December’s Android update offers two patch levels (12-01,…
Breaking News, cyber crime, Global Security News, malware, Mobile
Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud
Albiriox is new Android MaaS malware enabling on-device fraud and real-time control. It targets 400+ banking, fintech, crypto, and payment apps. Albiriox is a new Android malware sold under a malware-as-a-service model on Russian‑speaking cybercrime forums. It provides advanced capabilities for on-device fraud, screen manipulation, and real-time interaction with infected devices. It also includes a…
Data loss, Global Security News, Guest blog, Law & order, malware, Mobile
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article on the Hot for Security blog.
Apple, Global Security News, Google, Mobile, Security
Google enables Pixel-to-iPhone file sharing via Quick Share, AirDrop
Google has added interoperability support between Android Quick Share and Apple AirDrop, to let users share files between Pixel devices and iPhones. […]
Breaking News, Global Security News, hacking, hacking news, Mobile, Security
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that could scrape 3.5 billion accounts. Meta has since patched the vulnerability to block this enumeration technique. Users discover contacts by querying WhatsApp servers…
Android, Breaking News, cyber crime, Europe, Global Security News, malware, Mobile
Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal
The Android trojan Sturnus targets communications from secure messaging apps like WhatsApp, Telegram and Signal. Sturnus is a new Android banking trojan with full device-takeover abilities. It bypasses encrypted messaging by capturing on-screen content and can steal banking credentials, remotely control the device, and hide fraudulent actions from the user. ThreatFabric analysis shows Sturnus malware…
Global Security News, Mobile, Security
Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. […]
Awareness, Global Security News, Guidance, Mobile, Mobile - MPOC
PCI SSC Publishes Mobile Payments on COTS (MPoC) Guidance Document
The PCI Security Standards Council (PCI SSC) has published a Mobile Payments on Commercial Off-The-Shelf (MPoC) Guidance Document, a new resource developed to support consistent interpretation and implementation of the MPoC Standard and Program requirements across the mobile payments ecosystem.
Global Security News, Google, Mobile, Security
Google to flag Android apps with excessive battery use on the Play Store
Google will start taking action on Android apps in the official Google Play store that have high background activity and cause excessive battery draining. […]
Breaking News, Exploits, Global Security News, malware, Mobile, Security
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero-day, tracked as CVE-2025-21042 (CVSS score of 8.8), to deploy LANDFALL spyware on Galaxy devices in Middle East attacks. “Unit 42 researchers have uncovered a…
Exploits, Global Security News, Mobile, Security
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
A threat actor exploited a zero-day vulnerability in Samsung’s Android image processing library to deploy a previously unknown spyware called ‘LandFall’ using malicious images sent over WhatsApp. […]
Global Security News, Mobile, Security
Malicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. […]
Breaking News, cyber crime, Global Security News, malware, Mobile, Security
Android Apps misusing NFC and HCE to steal payment data on the rise
Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps abusing Near-Field Communication (NFC) and Host Card Emulation (HCE) to steal payment data and commit fraud, showing rapid growth in NFC relay attacks…
Europe, Global Security News, Mobile, Security
Massive surge of NFC relay malware steals Europeans’ credit cards
Near-Field Communication (NFC) relay malware has grown massively popular in Eastern Europe, with researchers discovering over 760 malicious Android apps using the technique to steal people’s payment card information in the past few months. […]
Global Security News, Guest blog, Law & order, Mobile, SMS, spam
Spam text scammer fined £200,000 for targeting people in debt, after sending nearly one million messages
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country – many of whom were already struggling with debt. Read more in my article on the Hot for Security blog.
Global Security News, Mobile, Security
New Herodotus Android malware fakes human typing to avoid detection
A new Android malware family, Herodotus, uses random delay injection in its input routines to mimic human behavior on mobile devices and evade timing-based detection by security software. […]
Global Security News, Mobile, Security
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. […]
Apple, Breaking News, Exploits, Global Security News, Mobile, Security
Apple doubles maximum bug bounty to $2M for zero-click RCEs
Apple raised bug bounties to $2M for zero-click RCEs, doubling payouts. Since 2020, it’s paid $35M to 800 researchers. Apple doubled its bug bounty rewards, now offering up to $2 million for zero-click remote code execution flaws. Since 2020, the tech giant has paid $35M to 800 researchers. Apple aims to pay exploit chains comparable…
Global Security News, Mobile, Security
New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. […]
Android, Breaking News, Exploits, Global Security News, hacking, Mobile, Security
Samsung fixed actively exploited zero-day
Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit…
Breaking News, Exploits, Global Security News, hacking, intelligence, malware, Mobile
Apple issues spyware warnings as CERT-FR confirms attacks
Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised. Apple warned customers last week about new spyware attacks, the French national Computer Emergency Response Team (CERT-FR) said. The agency confirmed at least four such alerts since early 2025. Apple sent spyware alerts on March 5, April 29,…
AI, Breaking News, Global Security News, Mobile, Security
Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images
Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowing users to verify whether images are real or AI-generated, or edited. The company announced the integration of the new feature during the Made by Google…
Artificial Intelligence, Global Security News, Google, Mobile, Security
Pixel 10 fights AI fakes with new Android photo verification tech
Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with artificial intelligence technology. […]
Exploits, Global Security News, Google, Mobile, Security
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws. […]
Android, Exploits, Global Security News, iOS, Law & order, Mobile, phishing
Smashing Security podcast #427: When 2G attacks, and a romantic road trip goes wrong
Graham warns why it is high time we said goodbye to 2G – the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward tale of amour…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
A new Konfety Android malware variant uses a malformed ZIP and obfuscation to evade detection, posing as fake apps with no real functionality. Zimporium zLabs researchers are tracking a new, sophisticated Konfety Android malware variant that uses an “evil-twin” tactic and duplicate package names to avoid detection. The new Konfety malware variants use malformed ZIP,…
CryptoCurrency, Global Security News, Guest blog, Law & order, Mobile, Nicholas Truglia
SIM scammer’s sentence increased to 12 years, after failing to pay back victim $20 million
Read more in my article on the Hot for Security blog.
Global Security News, Mobile, Security
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. […]
Global Security News, Google, Mobile, Security
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. […]
Global Security News, Mobile, Security
Samsung announces major security enhancements coming to One UI 8
Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. […]
Exploits, Global Security News, Mobile, Security
New Android TapTrap attack fools users with invisible UI trick
A novel tapjacking technique can exploit user interface animations to bypass Android’s permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. […]
Global Security News, Mobile, Security
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. […]
Android, Breaking News, Global IT News, Global Security News, hacking, malware, Mobile
A flaw in Catwatchful spyware exposed logins of +62,000 users
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered…
Global Security News, Law & order, Mobile, Podcast, privacy
Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus
A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because “ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect. Meanwhile, Carole checks the rear-view mirror on the driverless car…
Global Security News, Mobile, Security
AT&T rolls out “Wireless Lock” feature to block SIM swap attacks
AT&T has launched a new security feature called “Wireless Lock” that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled. […]
France, Global Security News, Guest blog, Law & order, Mobile, sim swap
50 customers of French bank hit after insider helped SIM swap scammers
French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. Read more in my article on the Hot for Security blog.
deepfake, Donald Trump, Global Security News, Mobile, Podcast
Smashing Security podcast #420: Fake Susies, flawed systems, and fruity fixes for anxiety
A bizarre case of political impersonation, where Trump’s top aide Susie Wiles is cloned (digitally, not biologically — we think), and high-ranking Republicans start getting invitations to link up with “her” on Telegram to share their Trump pardon wishlists. Was it a deepfake? Or just someone with a halfway decent impression and access to a…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
Apps, Commerce, epic, Epic Games, Global Security News, lawsuit, Media & Entertainment, Mobile, Spotify
Spotify says support for external payments on iOS has already boosted subscriptions
Spotify says its ability to direct its customers to external payment links in its iOS app has already had a positive impact on sales. In a newly filed amicus brief in support of Epic Games in its ongoing legal battle with Apple over external payments on the App Store, Spotify claims its internal data indicates…
Global Security News, Government, Mobile
Russia to enforce location tracking app on all foreigners in Moscow
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. […]
Global Security News, Mobile, Security
Mobile carrier Cellcom confirms cyberattack behind extended outages
Wisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May 14, 2025. […]
Global Security News, Google, Mobile, Security
Android 16 expands ‘Advanced Protection’ with device-level security
Google is announcing improvements for the Advanced Protection feature in Android 16 that strengthen defenses against sophisticated spyware attacks. […]
Exploits, Global Security News, Google, Mobile, Security
Google fixes actively exploited FreeType flaw on Android
Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. […]
Android, Cybersecurity, Exploits, Global Security News, Google, Mobile, Mobile Security, Technology, vulnerabilities
Google addresses 1 actively exploited vulnerability in May’s Android security update
Google addressed 47 vulnerabilities affecting Android devices in its May security update, including an actively exploited software defect that was first disclosed in March. Google said the high-severity vulnerability, CVE-2025-27363, “may be under limited, targeted exploitation.” The out-of-bounds write defect in FreeType versions 2.13.0 and below may result in arbitrary code execution, Facebook said in…
Global Security News, Microsoft, Mobile, Security
Microsoft ends Authenticator password autofill, moves users to Edge
Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. […]
AI, Apps, Global Security News, Google, Google I/O, Hardware, Mobile
Google shifts Android news to a virtual event ahead of its I/O developer conference
News about Android is being relegated to a side show at Google’s annual developer conference, Google I/O, next month. On Monday, the company announced it would share information about the latest updates coming to the Android ecosystem at an upcoming virtual event called “The Android Show: I/O Edition,” airing on May 13. The decision to…
Global Security News, Mobile, Security
Russian army targeted by new Android malware hidden in mapping app
A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. […]
Global Security News, Mobile, Security
New Android malware steals your credit cards for NFC relay attacks
A new malware-as-a-service (MaaS) platform named ‘SuperCard X’ has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. […]
Global Security News, Google, Mobile, Security
Google adds Android auto-reboot to block forensic data extractions
Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted state. […]
Android, Cellebrite, Cybersecurity, Exploits, Global Security News, Google, Mobile, Mobile Security, Technology, Threats, vulnerabilities, zero days
Google addresses 2 actively exploited vulnerabilities in security update
Google addressed 62 vulnerabilities affecting Android devices in its April security update, including a pair of actively exploited software defects that were first disclosed in December. Google said the two vulnerabilities — CVE-2024-53197 and CVE-2024-53150 — “may be under limited, targeted exploitation.” The pair of flaws under active exploitation are high-severity and affect the Linux…
Global Security News, Mobile, Security
E-ZPass toll payment texts return in massive phishing wave
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. […]
Global Security News, Mobile, Security
Verizon Call Filter API flaw exposed customers’ incoming call history
A vulnerability in Verizon’s Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request. […]
CryptoCurrency, Global Security News, Mobile, Security
Counterfeit Android devices found preloaded With Triada malware
A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up. […]
Apple, Exploits, Global Security News, Mobile, Security
Apple backports zero-day patches to older iPhones and Macs
Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. […]
CryptoCurrency, Global Security News, Mobile, Security
New Crocodilus malware steals Android users’ crypto wallet keys
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. […]
Global Security News, Mobile, Security
New Android malware uses Microsoft’s .NET MAUI to evade detection
New Android malware campaigns use Microsoft’s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. […]
Global Security News, Google, Mobile, Security
Malicious Android ‘Vapor’ apps on Google Play installed 60 million times
Over 300 malicious Android applications downloaded 60 million items from Google Play acted as adware or attempted to steal credentials and credit card information. […]
Global Security News, Google, Mobile, Security
New North Korean Android spyware slips onto Google Play
A new Android spyware named ‘KoSpy’ is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. […]
Global Security News, Mobile, Security, Software
Open-source tool ‘Rayhunter’ helps users detect Stingray attacks
The Electronic Frontier Foundation (EFF) has released a free, open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays. […]
Global Security News, Google, Mobile, Security
Google expands Android AI scam detection to more Pixel devices
Google has announced an increased rollout of new AI-powered scam detection features on Android to help protect users from increasingly sophisticated phone and text social engineering scams. […]
Exploits, Global Security News, Google, Mobile, Security
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. […]
Global Security News, Google, Mobile, Security
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. […]
Apple, Apple Intelligence, Artificial Intelligence, Global Security News, Innovation, iOS, iPad, iPhone, Mobile, Operating Systems, satellite connectivity, Security, siri, Software, Starlink
iOS 18.3.1 Release Expected Within the Next Few Weeks
Speculation about the iOS 18.3.1 release has surfaced. This includes a related Starlink connectivity rumor.
CryptoCurrency, Global Security News, Mobile
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. […]
Android, Cybersecurity, Exploits, Global Security News, Mobile, vulnerabilities
Android security update includes patch for actively exploited vulnerability
Google has addressed a total of 47 security vulnerabilities in its February update for the Android operating system, highlighted by the patching of a critical flaw that has reportedly been under active exploitation. The primary focus of the security update is CVE-2024-53104, a high-severity vulnerability affecting the USB Video Class (UVC) driver in the Linux…
Global Security News, Google, Mobile, Security
Google blocked 2.36 million risky Android apps from Play Store in 2024
Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. […]
Global Security News, Mobile, Security, Software
Signal will let you sync old messages when linking new devices
Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. […]
Global Security News, Google, Mobile, Security
New Android Identity Check locks settings outside trusted locations
Google has announced a new Android “Identity Check” security feature that lock sensitive settings behind biometric authentication when outside a trusted location. […]
AI, Apps, Artificial Intelligence, ChatGPT, Global Security News, Mobile, sensor tower, state of mobile
AI apps saw over $1 billion in consumer spending in 2024
Demand for generative AI help drive consumer spending on apps to $150 billion globally in 2024, up 13% from the prior year. According to an annual “State of Mobile” report from app intelligence provider Sensor Tower (which acquired Data.ai, the original report’s author, last March), AI apps saw a surge of interest over the past…
Global Security News, Legal, Mobile
Allstate car insurer sued for tracking drivers without permission
Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. […]
Global Security News, Mobile, Security
New FireScam Android malware poses as RuStore app to steal data
A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. […]
Exploits, Global Security News, Mobile, Security
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors. […]
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
Asia Pacific, Global Security News, Mobile, Security
New EagleMsgSpy Android spyware used by Chinese police, researchers say
A previously undocumented Android spyware called ‘EagleMsgSpy’ has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. […]