Tag: mobile security
107 articles

Google patches actively exploited Android zero-day flaw amid June security updates
Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

ESET Exposes BTMOB Android Malware Service
Meet BTMOB, a sneaky Android malware that's being sold as a subscription service - think $700/month or a one-time $5,000 fee for a lifetime license - making it easy for anyone to become a cyber threat actor. This malware-as-a-service platform even comes with a user-friendly APK builder, requiring zero coding skills.

BTMOB Android RAT Exploits No-Code Tools in Global Phishing Campaigns
A single malicious download can put an entire company's sensitive data at risk, so it's crucial for corporate security teams to educate employees on the dangers of rogue apps.

Apple Thwarts $2.2bn in App Store Fraud with AI-Driven Defenses
Apple's AI-powered defenses have successfully blocked a whopping $2.2 billion in App Store fraud over the past year, and a staggering $11.2 billion over six years, protecting consumers and businesses from malicious actors.

Apple Foils $11 Billion in App Store Fraud Over Six Years
Apple's vigilant efforts have paid off, blocking a whopping $11 billion in App Store fraud over the past six years, with a staggering $2.2 billion foiled in 2025 alone. The tech giant's winning combination of human review and cutting-edge tech has kept scammers at bay.

Android Malware Campaign Silently Invoices Users via Fake Apps
Malware hidden in nearly 250 fake Android apps has been silently invoicing users for premium services, with victims largely unaware of the charges. The sneaky campaign, dubbed Premium Deception, targeted subscribers in several countries, including Malaysia, Thailand, Romania, and Croatia, over a 10-month period.

Malicious Android Apps Fuel 659M Daily Ad Fraud Bid Requests
Meet Trapdoor, a massive ad fraud scam driven by 455 malicious Android apps that generated a whopping 659 million daily bid requests at its peak, all while hiding in plain sight as harmless utilities like PDF viewers and file managers. These fake apps tricked users into installing malware, unleashing a hidden ad fraud operation controlled by 183 threat actor-owned domains.

Trapdoor Android Ad Fraud Scheme Exposes 455 Malicious Apps
Meet Trapdoor, a massive Android ad fraud scheme that used 455 malicious apps to generate a staggering 659 million daily bid requests, fueling a self-sustaining machine that turned innocent installs into big bucks. This complex operation was uncovered by HUMAN's Satori Threat Intelligence and Research Team, shedding light on a pipeline for multi-stage fraud.

Google Unveils Spyware Forensics Tool for High-Risk Android Users
Google's new Android Intrusion Logging tool helps high-risk users detect spyware attacks by recording suspicious activity, but raises concerns about sensitive data sharing and consent. To use it effectively, users must balance protection with secure log sharing and informed consent.

Google Bolsters Android Spyware Defenses with Intrusion Logging Feature
Google just launched a game-changing feature to help protect Android users from spyware: Intrusion Logging, a powerful tool that collects forensic data to help investigate suspected device compromises. Now available in Advanced Protection Mode, this innovative feature lets users opt-in to safeguard their digital security and peace of mind.
Android 17 Bolsters Defenses Against Banking Scams, Device Theft
Stay one step ahead of scammers with Android 17's cutting-edge security features, including robust protection against banking scam calls and device theft. Android 17 will work hand-in-hand with banking apps to detect and block spoofed calls, giving you an added layer of defense against financial threats.

Google Bolsters Android Security to Counter Spyware Vendors
Google's new Intrusion Logging feature is a game-changer in the fight against spyware, helping digital forensics researchers uncover sophisticated attacks on Android devices. By recording security incidents like device unlocking and spyware installation, it provides crucial evidence to investigate and take down these threats.

TrickMo Trojan Exploits TON Network for Android Pivots
Meet TrickMo C, a sneaky new variant of the Android banking trojan that's turning infected devices into programmable network pivots, allowing hackers to intercept sensitive data from banking and cryptocurrency wallet users in France, Italy, and Austria. This malicious software is packed with powerful tools, including reconnaissance, SSH tunnelling, and SOCKS5 proxying capabilities.

Apple Deploys End-to-End Encryption for RCS Messaging
Big news for messaging security: Apple just rolled out end-to-end encryption for RCS messaging in its latest iOS 26.5 update, giving users an extra layer of protection when chatting with friends and family across different devices and platforms.

Fraudulent Call History Apps Drain Millions via 7.3M Play Store Downloads
Millions of Android users have been duped into downloading 28 fake call history apps from the Google Play Store, with over 7.3 million downloads recorded before they were finally removed. These apps, which promised access to call logs and more, actually delivered nothing but randomly generated data - and a hefty price tag.

Google Bolsters Android App Security with Public Verification Ledger
Google is stepping up its game to keep your Android apps safe with a new public verification ledger that ensures the Google apps on your device are genuine and exactly as intended. This move builds on its Pixel Binary Transparency feature, now expanding it to all Android production apps.

Google Boosts Bounty Payouts for Elusive Android Exploits
Google just supercharged its bounty program, offering up to $1.5 million for the most elusive Android exploits that require top-notch technical skills to pull off. The biggest prizes go to zero-click, full-chain exploits with persistence, highlighting Google's focus on tackling the toughest security challenges.

Canada Cracks Down on Rogue Cellular Tower Used for Mass Phishing Texts
Imagine receiving a text from your bank or favorite store, but it's actually a sneaky scam - that's what happened in Toronto when a rogue cellular tower started sending out mass phishing texts to unsuspecting users. Canadian authorities cracked down on the culprit in a sting operation dubbed Project Lighthouse.

Cybersecurity Researchers Expose Global SMS, Crypto Fraud Ring
Beware of fake CAPTCHAs that can drain your wallet! A cunning SMS scam routes victims to bogus web pages, tricking them into sending costly texts to over 50 international destinations.

Malicious Apps Expose Crypto Investors to Seed Phrase Theft on App Store
Beware of malicious apps on the App Store that masquerade as popular cryptocurrency wallets, aiming to steal your crypto seed phrase and drain your funds. These fake apps, uncovered by Kaspersky researchers, can trick you into revealing sensitive information with just a few taps.

FBI Extracts Signal Messages from iPhone Push Notification Records
In a surprising forensic discovery, the FBI was able to extract Signal messages from an iPhone's notification database, even after the app was deleted, by exploiting a loophole that stores message previews on the lock screen. This finding raises significant concerns about iPhone users' message security.

Apple Fixes iOS Bug Exposing Deleted Message Content
Apple just dropped an emergency update to squash a pesky iOS bug that let deleted messages linger on your device - and it's already patched in iOS 26.4.2 and iPadOS 26.4.2. The fix tackles a Notification Services flaw that allowed deleted alerts to persist, putting your private info at risk.

Apple Fixes iOS Flaw That Preserved Deleted Signal Notifications
Apple has fixed a frustrating iOS flaw that was causing deleted Signal notifications to stick around, and you can get the solution by updating your iPhone or iPad to the latest software version. The update addresses a logging issue that allowed deleted notifications to be retained on the device.

Apple patches iOS flaw that retained deleted notification data
Apple fixed a security flaw in its iOS system that was storing deleted notifications, and released emergency updates on April 22, 2026, to address the issue. The out-of-band fixes, available in iOS and iPadOS updates, ensure that deleted notifications are now properly erased from your device.