Tag: android
107 articles

EU Orders Google to Open Android to Rival AI Assistants
Google is now required to open up Android to rival AI assistants, a move the company claims could compromise device security by giving external apps sensitive permissions. The European Commission's order, made under the Digital Markets Act, forces Google to grant third-party AI assistants access to Android sensors and system features.

RedWing Malware Targets Android Users with Bank Fraud as a Service
A new, ready-to-use bank-fraud tool called RedWing is being rented on Telegram, allowing even novice criminals to hijack Android users' phones and steal their banking information. This malicious kit is sold as a complete package, complete with step-by-step guides and how-to videos, making it alarmingly easy for scammers to get started.

Linux Flaw Exposes Unprivileged Users to Root Access
A newly discovered Linux flaw, CVE-2026-46242, allows ordinary users to gain root access to a machine, and even Android devices are vulnerable. This alarming vulnerability, known as Bad Epoll, can be exploited with ease, but thankfully, a working fix is now available.

FBI and Google Disrupt NetNut Proxy Network Used by Cyber Threat Actors
In a major win for cybersecurity, the FBI and Google have joined forces to dismantle the notorious NetNut proxy network, a go-to tool for cyber threat actors. This disruption has significantly reduced the network's capacity, cutting the available pool of devices by millions.

EU Court Upholds $4.7 Billion Google Antitrust Fine
Google's last-ditch effort to overturn a $4.7 billion antitrust fine has been rejected by the EU's top court, affirming that the company's Android agreements did indeed stifle competition. The Court of Justice of the European Union dismissed Google's appeal, upholding the hefty penalty.

AirDrop and Quick Share Flaws Expose Devices to Local Attacks
Millions of devices are vulnerable to local attacks due to flaws in popular sharing services like AirDrop and Samsung Quick Share, discovered by researchers Arash Ale Ebrahim and Nils Ole Tippenhauer. They found six distinct flaws that can be exploited by nearby attackers to crash services or bypass security checks.

Google Tightens Android App Verification Rules Ahead of Sept. 30 Deadline
Get ready for a safer app experience on Android! As of September 30, 2026, Google will start enforcing developer verification, blocking installs of unverified apps on certified phones in Brazil, Indonesia, Singapore, and Thailand.

Microsoft 365 Android Apps Expose Account Tokens Due to Debug Flag Oversight
A single line of code, "setIsDebugMode(true)," inadvertently left in multiple Microsoft 365 Android apps, created a gaping security hole that allowed other apps on the same phone to access sensitive account tokens without user permission. This tiny oversight, discovered by Enclave's Yanir Tsarimi and Ofek Levin, exposed users to potential security risks.

Google patches actively exploited Android zero-day flaw amid June security updates
Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

Malware Campaigns Target Windows, Android Users in Global Finance Sector
Global finance sector faces a double threat as malware campaigns target Windows and Android users, with attackers using clever tactics like hiding in trusted traffic and selling mobile RATs as turnkey services. Two recent campaigns, one using Grandoreiro malware in Portugal, Spain, and Mexico, and another using a new BTMOB trojan in Brazil, highlight the evolving threat landscape.

Canada Arrests Suspect Tied to Kimwolf Botnet Operation
In a major breakthrough, Canadian authorities have arrested 23-year-old Jacob Butler, aka "Dort", for his alleged role as a key administrator of the notorious Kimwolf botnet operation, which infected over 2 million Android TV devices worldwide. The arrest marks a significant step in the fight against one of the most widespread distributed-denial-of-service (DDoS) botnets on record.

Google and Apple Roll Out Cross-Platform RCS Encryption
Big news for messaging security: Apple and Google have just launched a beta rollout of end-to-end encrypted RCS messaging, allowing for more secure conversations between iPhone and Android users worldwide. This update enables encryption by default, marked with a lock icon, and is available to users with supported carriers and devices.

Apple and Google Boost Cross-Platform Messaging with End-to-End Encryption
Say goodbye to the green bubble blues! iPhone and Android users can now send end-to-end encrypted messages to each other, thanks to a game-changing collaboration between Apple and Google.

Fraudulent Call History Apps Drain Millions via 7.3M Play Store Downloads
Millions of Android users have been duped into downloading 28 fake call history apps from the Google Play Store, with over 7.3 million downloads recorded before they were finally removed. These apps, which promised access to call logs and more, actually delivered nothing but randomly generated data - and a hefty price tag.

CloudZ RAT Exploits Windows Phone Link for Credential Theft
Cyber attackers have cleverly exploited the Microsoft Phone Link feature to steal sensitive credentials and one-time passwords, all without needing to infect mobile devices with malware. By targeting this built-in Windows application, hackers can access synced phone data and extract valuable information.

ScarCruft Expands Malware Arsenal with Multi-Platform BirdCall Backdoor
ScarCruft hackers have launched a sneaky attack on a popular video game platform, infecting both Windows and Android users with a new backdoor called BirdCall. The multi-platform threat has been targeting ethnic Koreans in China since late 2024, allowing hackers to gain unauthorized access.

NGate Malware Exploits HandyPay App to Steal Android NFC Payment Data
Malicious NGate malware has been discovered hiding inside a fake version of the HandyPay app, putting Android users' NFC payment data at risk. This sneaky malware exploits a trusted payments tool to steal sensitive information, leaving users vulnerable to financial theft.

Malware Campaigns Exploit Trusted Channels for Internal Access
Instead of smashing down the front door, attackers are now sneaking in by exploiting trusted channels and misdirecting trust - a subtle yet effective tactic that's leaving defenders, regulators, and users scrambling to respond. This quiet approach to breaching security is a growing concern, with multiple incidents revealing a common pattern of adversaries using third-party components to gain internal access.

Google API Flaw Exposes Android Apps to Gemini AI Vulnerabilities
A recently discovered flaw in Google's API keys is leaving millions of Android apps vulnerable to Gemini AI exploits, potentially exposing private files and racking up unexpected billing charges. This security gap allows mobile apps to quietly tap into the powerful AI, all without users noticing.

Google Tightens Android App Verification for Sideloaded Software
Google is shaking things up in the mobile world by introducing a new requirement for Android apps installed outside its official store: developers must now verify their identity to ensure user safety. This move aims to strike a balance between platform openness and protection from potential harm.

Chrome updates: Exclusive rapid fixes for safer browsing
Chrome updates just went into overdrive — Google will push security fixes every two weeks across desktop, Android and iOS to shrink the window attackers have to weaponize bugs. Enterprises can still opt into an eight‑week Extended Stable channel for predictable testing and rollouts.

Google Exclusive Patch Fixes 107 Android Flaws, Critical
Google’s latest monthly Android update patches 107 vulnerabilities — including two already exploited in the wild — so this isn’t optional maintenance anymore. If you manage devices, accelerate testing and push updates now before fragmentation leaves users exposed.

New Android Albiriox Malware Exclusive: Dangerous Surge
Albiriox malware is being sold like a subscription, turning smartphones into turnkey crime tools that give even novice operators remote takeover, credential harvesting, and live‑fraud capabilities. That MaaS model lowers the bar for attackers and creates an industrialized path from infection to immediate theft that security teams and users now must reckon with.

Android Devices Exclusive: KONNI APT Critical Alert
Imagine the smart display on your counter becoming the remote trigger that erases the phone in your pocket — researchers warn a North Korean-linked group called KONNI is abusing Google’s Find My Device and device-management features to remotely wipe Android devices. This tactic can destroy data, break two‑factor access and cripple businesses, a stark reminder that everyday conveniences can be weaponized for sabotage.