Skip to main content

Tag: android

107 articles

CISA Exclusive: Critical Zero-Day Added to KEV

CISA Exclusive: Critical Zero-Day Added to KEV

When CISA added a critical zero-day vulnerability to the KEV, it was a blunt wake-up call — the flaw is already being weaponized by LandFall spyware against millions of Samsung devices. With federal patching now mandatory, the race is on to stop real-world attacks and protect users’ privacy.

Analyst 207
Dark smartphone screen with cracked lock and eerie shadows, glowing thread weaving through cityscape, symbolizing malware…

Malware-Laden Apps: Stunning Threat in 41M Play Store Installs

Think the Play Store is safe? Researchers found hundreds of malicious Android apps that slipped past vetting and amassed tens of millions of installs—using hijacked SDKs, repackaged binaries and delayed activation to turn everyday apps into stealthy attack platforms.

Analyst 207
ClayRat spyware: Exclusive Risky Android Threat

ClayRat spyware: Exclusive Risky Android Threat

Imagine a trusted Telegram app secretly scanning your messages, recording calls and sending everything off-device — that’s exactly what the new ClayRat spyware campaign is doing by spreading fake Android APKs through Telegram channels. Avoid sideloading, tighten app permissions, and treat APK links with suspicion to stop your phone from becoming a surveillance tool.

Analyst 207
Android banking trojan: Stunning, Dangerous Klopatra

Android banking trojan: Stunning, Dangerous Klopatra

A new Android trojan called Klopatra is quietly hijacking phones with a hidden VNC channel—letting attackers watch and control screens to bypass MFA and steal funds, especially across Spain and Italy. Keep your device updated and apps from official stores, and banks should adopt out‑of‑band confirmations and behavioral analytics to block these stealthy attacks.

Analyst 207
Android remote access trojan: Exclusive Risky Threat

Android remote access trojan: Exclusive Risky Threat

“If you can see nothing, they can take everything” — Klopatra is a stealthy new Android remote-access trojan that quietly hijacks phones to steal banking credentials, intercept one-time codes, and automate fraudulent transactions. Stay vigilant: only install apps from trusted stores, scrutinize accessibility and overlay permissions, and push behavioral mobile security and out-of-band authentication to blunt these targeted, modular attacks.

Analyst 207
Android vulnerability: Stunning Critical OnePlus Risk

Android vulnerability: Stunning Critical OnePlus Risk

Imagine any app reading your texts — that’s the risk OnePlus users face after Rapid7 revealed a critical flaw letting unprivileged apps access SMS/MMS, a bug the company reportedly knew about but hasn’t fully fixed for over three years. How safe is your phone if authentication codes and private conversations can be siphoned silently?

Analyst 207
hardcoded secrets: Stunning Risky Mobile Crisis

hardcoded secrets: Stunning Risky Mobile Crisis

One in three Android apps — and over half of iOS apps — are leaking sensitive data through insecure APIs and hardcoded secrets, putting your personal info and company systems at risk. Luckily, with smarter developer practices, better tooling and a few simple precautions, we can close those easy doors before attackers walk through.

Analyst 207
Android zero-day Critical Emergency: Must-Have Fix

Android zero-day Critical Emergency: Must-Have Fix

Samsung just pushed an emergency patch for a critical Android zero‑day that’s been actively exploited — install it now to stop attackers from reading messages, using your mic, or tracking your device. Even after updating, enable automatic updates and avoid installing apps from untrusted sources to stay safer.

Analyst 207
Android zero-day Critical Fix: Must-Have Patch

Android zero-day Critical Fix: Must-Have Patch

Imagine a single image could hijack your phone — Samsung’s September security update patches CVE-2025-21043, a high-severity, actively exploited Android zero-day in the image codec; install the SMR update as soon as it’s available to protect your device.

Analyst 207
Apple spyware campaign: Exclusive Risky Threat Guide

Apple spyware campaign: Exclusive Risky Threat Guide

Worried about your iPhone? Apple warned multiple French users in 2025 they may have been targeted by sophisticated spyware — a wake‑up call to update, tighten protections, and demand clearer rules around commercial surveillance.

Analyst 207
automated Android bug-hunting system: Stunning Risk

automated Android bug-hunting system: Stunning Risk

Meet a tireless, AI-powered bug hunter that found 100+ zero-days in real Android apps — a potential game-changer for faster, wider vulnerability discovery. But beware: automation can flood teams with false positives, extra triage work, and tricky disclosure risks.

Analyst 207
Android security bulletin: Urgent Must-Have Fixes

Android security bulletin: Urgent Must-Have Fixes

Google’s massive September Android bulletin patches 120 vulnerabilities — including two already exploited in the wild — so installing updates ASAP is no longer optional. Device makers and carriers must accelerate rollouts, or millions of phones will remain easy targets.

Analyst 207
Hook Android Trojan: Stunning Dangerous Ransomware Threat

Hook Android Trojan: Stunning Dangerous Ransomware Threat

A new Hook Android Trojan variant now combines banking fraud with ransomware-style lockouts, letting attackers both steal credentials and hold phones hostage. Millions of users should tighten app sources, review permissions, and keep backups as defenders scramble to catch up.

Analyst 207
malware-laden Android apps: Stunning Threats Reveal Risk

malware-laden Android apps: Stunning Threats Reveal Risk

Got a scary “your phone is infected” pop-up despite downloading from Google Play? A new Zscaler report found over 19 million installs of malware-laden Android apps that slipped past scans via malicious SDKs, repackaging and delayed activation — a reminder to keep apps updated, check permissions, and stay a little skeptical even in official stores.

Analyst 207
ERMAC v30 Exposed: Stunning Risky Banking Threat

ERMAC v30 Exposed: Stunning Risky Banking Threat

A public leak of ERMAC v3.0’s source code has pulled back the curtain on a sharper, more widespread Android banking trojan—revealing both powerful theft techniques and the operators’ sloppy mistakes that could help investigators. It’s a stark reminder that transparency can empower defenders, but also risks giving other crooks a head start if we don’t act fast.

Analyst 207
KernelSU v057 Critical Flaw — Must-Have Patch

KernelSU v057 Critical Flaw — Must-Have Patch

A critical authentication bug in KernelSU v0.5.7 lets a malicious app impersonate the manager and gain full root control, putting millions of rooted Android devices at risk. If you use KernelSU or custom-root tools, update immediately, verify manager signatures, and avoid untrusted sideloads.

Analyst 207
Iran-Linked DCHSpy Malware Disguises as VPN to Target Dissidents

Iran-Linked DCHSpy Malware Disguises as VPN to Target Dissidents

As digital privacy hangs in the balance, the emergence of DCHSpy—a cunning malware masquerading as a VPN—serves as a chilling reminder of the lengths to which oppressive regimes will go to silence voices of dissent. This insidious spyware, targeting Iranian activists, underscores a growing threat to freedom in an increasingly surveilled world—making us all rethink just how safe our online spaces truly are.

Analyst 207
Iranian Hackers Unveil Updated Android Spyware Threat

Iranian Hackers Unveil Updated Android Spyware Threat

Tensions are rising, and so is the threat of sophisticated cyber espionage. With Iranian hackers revealing their latest Android spyware, DCHSpy, its a chilling reminder that in today’s digital battlefield, the stakes are higher than ever.

Analyst 207
Iranian Android Spyware: Exclusive Risky New Threat

Iranian Android Spyware: Exclusive Risky New Threat

A dangerous new strain of Iranian Android spyware — a revamped DCHSpy tied to MuddyWater — is turning smartphones into frontline spying tools with enhanced data-stealing and persistence that make detection much harder. Stay vigilant: keep your apps updated, use official stores, and enable strong authentication to reduce your risk.

Analyst 207
Android Spyware Iran: Shocking Dangerous Threat

Android Spyware Iran: Shocking Dangerous Threat

Security researchers have uncovered Android spyware tied to Iran’s MOIS that can read WhatsApp, record audio and video, and search files—turning everyday phones into powerful surveillance tools that put journalists, activists, and regular users at risk. Stay vigilant: update apps, check permissions, and use trusted security practices to protect your device.

Analyst 207
New Konfety Malware Variant Evades Detection by Altering APKs

New Konfety Malware Variant Evades Detection by Altering APKs

Think your apps are safe? Think again—Konfety’s new malware twist uses sneaky “evil twin” apps to outsmart detection and secretly steal your data while flying under the radar.

Analyst 207
Millions of Android and iPhone Users May Be Sending Data to China

Millions of Android and iPhone Users May Be Sending Data to China

Millions of Android and iPhone users might be unknowingly sharing their private data with China through seemingly secure browsing apps—raising urgent questions about who really controls our digital privacy.

Analyst 207
Anatsa Android Trojan Infects 90,000 via Fake PDF App on Google Play

Anatsa Android Trojan Infects 90,000 via Fake PDF App on Google Play

Cybersecurity experts have uncovered Anatsa, a sophisticated Android banking trojan infecting 90,000 users via a fake “PDF Update” app on Google Play, exploiting the platform’s trust to steal sensitive banking credentials through convincing overlay attacks. This alarming campaign underscores the evolving threat landscape targeting mobile banking users in North America.

Analyst 207
Android TapTrap Attack: Users Deceived by Invisible UI Trick

Android TapTrap Attack: Users Deceived by Invisible UI Trick

Discover how Android users fall victim to the TapTrap Attack, a deceptive tactic using invisible UI elements to steal sensitive information.

Analyst 207