The Trapdoor campaign initially distributed seemingly legitimate utility apps, such as PDF readers, through the Google Play Store.
Tag: apps
AI, Global Security News, malware
Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown
Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple ‘s annual fraud prevention report for 2025 paints a striking picture of just how much effort goes into keeping the App Store clean. The numbers are significant: more than two million app…
AI, Global Security News
Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services
AI, Global Security News
Agentic AI Accelerates Software Builds and Mobile App Attacks
Digital.ai data reveals 87% of apps were attacked over the past year
AI, Global Security News
Keycard helps developers secure autonomous AI agents with scoped access
Keycard has announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Keycard lets developers build apps where every agent has its own identity, access is scoped to each task and every action is fully attributable across agents, users and systems. “Enterprises are rebuilding business functions around…
Global Security News, malware
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.
AI, Cybersecurity, Global Security News
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads,…
AI, Global Security News, privacy, Risk Management
Mental health apps are collecting more than emotional conversations
People use mental health apps to talk about depression, trauma and suicidal thoughts in moments they may not share with anyone else. Many users likely assume those conversations carry protections similar to therapy sessions. In reality, mental health apps operate without the same confidentiality and privacy standards that govern licensed therapists. A new academic study…
AI, Global Security News
Fake call logs, real payments: How CallPhantom tricks Android users
ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down
AI, Global Security News
The ChatGPT-ification of American Business
Companies like Starbucks and Lowe’s are hoping to get closer to customers with new apps that integrate into OpenAI’s ChatGPT interface.
Global Security News, Network Security
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware
A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and…
AI, Global Security News
10 quick productivity tips for Microsoft 365 mobile apps
Most of us work with Word, Excel, PowerPoint, and other Microsoft 365 apps primarily on a computer, via the desktop or web apps. While you’re on the go, the mobile versions of these apps are handy for reviewing documents, spreadsheets, presentations, or other Office files, and you can use them to do minor editing. But…
AI, Global Security News, privacy
Your work apps are quietly handing 19 data points to someone
Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most common workplace apps in use across U.S. companies, including Gmail, Microsoft Teams, Zoom Workplace, Slack, and Notion, account for more than 12.5 billion downloads…
AI, Cybersecurity, Global Security News
Do Call Tracker Apps Really Work for Parents? A Feature Based Breakdown
In this post, I will answer the question – do call tracker apps really work for parents? Parenting has always been full of worries. But raising a child in the smartphone era adds completely new layer to that anxiety. The moment your child gets their first phone, you suddenly feel like part of their world…
AI, Global Security News, Government & Policy, malware, Network Security
New Android spyware Morpheus linked to Italian surveillance firm
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware called Morpheus, distributed through fake Android apps posing as updates. Once installed, it can steal extensive data from the infected devices. The report shows strong demand…
AI, Compliance, Cybersecurity, Global Security News
25 open-source cybersecurity tools that don’t care about your budget
Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond to incidents throughout the development and operational lifecycle. Allama: Open-source AI security automation Allama is an…
AI, Global Security News, Network Security
Product showcase: LuLu reveals unauthorized outbound connections from Mac apps
LuLu is a free, open-source firewall for macOS that lets you control which apps are allowed to send data from your computer. macOS includes a built-in firewall, but it mainly handles incoming connections. LuLu also monitors outgoing traffic. Installing and setting Up LuLu After downloading and installing the app, I allowed the LuLu Network Extension…
Cybersecurity, Global Security News
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025. “Once launched, these apps redirect users to browser pages designed to look similar to the App Store and distribute trojanized versions…
AI, Global Security News
Meta is overhauling how you sign in, manage settings, and protect your accounts
Meta Account gives users of Meta apps and devices a simpler way to access and manage their accounts. Accounts Center will automatically be updated to a Meta Account as part of a gradual rollout over the next year. Users will be notified when the change occurs. It supports Meta technologies including Facebook, Instagram, Messenger, Threads,…
AI, Global Security News
Elastic MCP Apps bring security and observability workflows into AI tools
Elastic has announced MCP Apps for Elastic, delivering agent-native UI experiences for security and observability workflows across third-party coding tools and chat clients. The new MCP Apps enable teams to investigate threats, diagnose system behavior, and act on data directly within the AI tools they already use, without switching tools or stitching together separate systems.…
AI, Global Security News
Elastic Delivers First Embedded AI Experiences for Observability and Security Inside Third-Party AI Tools
MCP Apps bring Elastic’s security and observability workflows into third-party AI tools, enabling teams to act on data directly where they work, with additional capabilities for search and data exploration
AI, Global Security News
China’s Apple App Store infiltrated by crypto-stealing wallet apps
A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency assets. […]
AI, Apps, Global Security News
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a…
AI, Apps, Exploits, Global Security News, Risk Management
EngageLab SDK flaw opens door to private data on 50M Android devices
A flaw in EngageLab SDK exposed up to 50M Android users, including 30M crypto wallets, letting apps bypass security and access private data. Microsoft researchers found a critical flaw in EngageSDK that lets apps bypass Android sandbox protections and access private data. The flaw put millions of users, including over 30M crypto wallet installs, at…
AI, Global Security News, Risk Management
Google API Keys Quietly Gain Access to Gemini on Android Devices
Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks
AI, Global Security News, Government & Policy, Network Security, Russia
Major outage cripples Russian banking apps and metro payments nationwide
A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia, leaving customers unable to pay by card, withdraw cash, or access mobile banking for hours. According to The Record Media, the incident affected major banks,…
Cybersecurity, Global Security News
Progressive Web Apps for E-Commerce: The Complete 2026 Guide
In this post, I will talk about progressive web apps for E-Commerce. Running an e-commerce platform is definitely going to get more complicated in 2026. This is because the expectations of today’s users are all about speed, ease, and a smooth digital experience. This is where Progressive Web Apps have revolutionized the whole concept of…
Exploits, Global Security News
Automated Credential Harvesting Campaign Exploits React2Shell Flaw
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
Global Security News, privacy
Inconsistent Privacy Labels Don’t Tell Users What They Are Getting
Data privacy labels are a great idea for mobile apps, but the current versions just aren’t good enough.
Global Security News, privacy, Risk Management
Which messaging app takes the most limited approach to permissions on Android?
Messaging apps handle sensitive conversations, contacts, and media, and their behavior on a device varies in ways that affect privacy. An analysis of Android versions of Messenger, Signal, and Telegram shows that differences in permissions, background activity, and system exposure shape how much data each app can access and how often it communicates. Permissions define…
Global Security News
Google Introduces Android Dev Verification Amid Openness Debate
Android requires dev identity verification for sideloaded apps; phased global rollout from September
Global Security News
Android developers just got a new verification layer
To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company is also introducing app registration, which links apps to verified developer identities. Developers can still choose where to distribute their apps (Source: Google) Developers can begin completing verification now through…
Global Security News
Meta and YouTube Lose Landmark Social Media Trial
Jurors found the companies were negligent and the design of their apps caused harm to children.
AI, APAC, Global Security News
Microsoft backtracks on Copilot Chat access in M365 apps
Microsoft is set to remove Copilot Chat access within Microsoft 365 apps such as Word, Excel, and PowerPoint for large M365 commercial customers starting April 15 — a “mystifying backtrack,” according to one technology industry analyst. Copilot Chat is essentially a freemium version of the paid Microsoft 365 Copilot, which costs $30 per user per…
AI, Apps, Cybersecurity, Global Security News, Government & Policy, Risk Management, Russia
FBI, CISA issue PSA on Russian intelligence campaign to target messaging apps
Russian intelligence-affiliated hackers have gained access to thousands of users’ messaging apps with a global phishing campaign, the FBI and the Cybersecurity and Infrastructure Security Agency warned in a public service announcement on Friday. The high-value targets they’re pursuing include current and former U.S. government officials, political figures, military personnel and journalists, the two agencies…
AI, Global Security News
Google slows Android sideloading to trip up scammers
Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at experienced users and allows sideloading through a controlled, one-time setup. It addresses scam scenarios where attackers pressure individuals to install malicious software. In these cases, scammers often stay on the phone…
Global Security News, malware
Financial Brands Targeted in Global Mobile Banking Malware Surge
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
AI, Global Security News, malware
Google limits Android accessibility API to curb malware abuse
Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, limit access to the accessibility API when Advanced Protection Mode (APM) is enabled. Apps that do not serve a core accessibility function can no longer use these services, closing…
Global Security News
Android OS-Level Attack Bypasses Mobile Payment Security
Android’s LSPosed-based attack hijacks payment apps via runtime manipulation and SIM-binding bypass
AI, Apps, Global Security News, malware, privacy, Risk Management
Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services
Android 17 will block non-accessibility apps from using the Accessibility API under Advanced Protection Mode to reduce malware abuse. Android 17 introduces a new security feature in Advanced Protection Mode (AAPM) that blocks apps without accessibility functions from accessing the Accessibility API. The change, first reported by Android Authority and included in Android 17 Beta…
AI, Apps, Global Security News, Government & Policy, malware
BeatBanker malware targets Android users with banking Trojan and crypto miner
BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly…
AI, Global Security News
LastPass Expands Its Mission Beyond Passwords to Deliver Secure Access Essentials for Every Business and User
Company heads to RSAC to show how organizations of all sizes can secure access to apps, AI, and credentials while staying protected
Cybersecurity, Global Security News
Virtual Shield VPN Review: Is Virtual Shield VPN Safe? [+Best Alternatives]
In this Virtual Shield VPN review, we will reveal its features, apps, pricing plans, VirtualShield VPN Reddit ratings, the best Virtual Shield VPN alternatives, and also answer the question – is Virtual Shield VPN safe? Virtual Shield VPN is one of the most recent VPNs in the cyber security market today. Therefore, it is very…
AI, Cybersecurity, Global Security News
The Top 7 Field Service Mobile Apps
In this post, I will show you the top 7 field service mobile apps. Most field service teams don’t fail because of technicians. They fall apart due to poor coordination, a job update that never made it back to the dispatcher, a customer who called three times to ask where the crew was, and a…
Global Security News
Jack Dorsey’s Latest Far-Out Bet: An AI Future With Fewer Employees
Block—owner of payment apps, bitcoin and music streaming—grew its workforce to nearly 13,000 during the pandemic.
AI, Global Security News, Risk Management
Entra ID OAuth Consent Can Grant ChatGPT Access to Emails
OAuth consent in Entra ID can grant apps like ChatGPT email access after approval, exposing hidden risks that may bypass MFA and enable persistent access.
AI, Global Security News
44% Surge in App Exploits as AI Speeds Up Cyberattacks, IBM Finds
IBM’s 2026 X-Force report reveals 44% rise in cyberattacks on public apps, driven by AI and flaws
AI, Global Security News
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. […]
Global Security News
Google cleans house, bans 80,000 developer accounts from the Play Store
Google prevented more than 1.75 million policy-violating apps from being published on Google Play and banned over 80,000 developer accounts that attempted to publish harmful apps in 2025. Developer verification, mandatory pre-review checks, and testing requirements in the Google Play ecosystem have reduced entry points for bad actors. “User safety is at the core of…
AI, Apps, Global Security News
17 Must-Have Tools for Ubuntu Users in 2026
In this article, you will discover the best Ubuntu apps for beginners, covering everything from productivity tools to entertainment options and AI-powered utilities. Ubuntu is one of the most popular Linux distributions for new users, offering an easy-to-use interface and a smooth transition from other operating systems. If you’re new to Ubuntu, you might be…
AI, Exploits, Global Security News
Industrial-Scale Fake Coretax Apps Drive $2m Fraud in Indonesia
Fraud campaign exploiting Indonesia’s Coretax resulted in $1.5m to $2m in losses via malicious apps
AI, Global Security News, malware
Firmware-level Android backdoor found on tablets from multiple manufacturers
A new Android backdoor embedded directly in device firmware can quietly take control of apps and harvest data, Kaspersky researchers found. The malware, named Keenadu, was discovered during an investigation into earlier Android threats and appears to have been inserted during the firmware build process, not after devices reached users.  How the backdoor works…
AI, Global Security News
260K+ Chrome Users Duped by Fake AI Browser Extensions
30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools.
AI, Global Security News, Security
AMOS infostealer targets macOS through a popular AI app
AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. […]
AI, Compliance, Cybersecurity, Data Breaches, Data Security, Global Security News, Healthcare, privacy, Risk Management
Your AI doctor doesn’t have to follow the same privacy rules as your real one
AI apps are making their way into healthcare. It’s not clear that rigorous data security or privacy practices will be part of the package.
The post Your AI doctor doesn’t have to follow the same privacy rules as your real one appeared first on CyberScoop.
AI, Android, Don't miss, EU, Europe, Global Security News, News, privacy
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can access, and privacy policies can claim what an app should do, yet neither reliably shows what data is actually collected and where it is sent during real use.…
Global Security News
Introducing Sophos Workspace Protection
An integrated bundle of security solutions that protect apps, data, workers, and guests easily and affordably – wherever they are. Categories: Products & Services Tags: Workspace
Global Security News
Introducing Sophos Workspace Protection
An integrated bundle of security solutions that protect apps, data, workers, and guests easily and affordably – wherever they are. Categories: Products & Services Tags: Workspace