Android
-
Social Engineering at Scale: How a Fake Document Utility Deployed Anatsa Banking Trojan to 100K Users
A sophisticated Android malware campaign has recently been identified, leveraging a deceptive “document reader” application to distribute the notorious Anatsa…
Read More » -
CVE-2026-20971: Analyzing the Samsung KNOX Kernel Use-After-Free Vulnerability
Samsung has issued critical patches to address a significant kernel-level vulnerability within its KNOX security framework. This flaw exposes millions…
Read More » -
Rokarolla: zLabs Uncovers Sophisticated Android Banking Trojan
Cybersecurity researchers have uncovered a highly capable Android banking trojan dubbed Rokarolla—a name derived directly from its Command-and-Control (C2) infrastructure.…
Read More » -
Technical Analysis: The Evolution of NFCShare Android Banking Trojan
A sophisticated and operationally refined iteration of the NFCShare Android banking trojan has surfaced, specifically engineered to facilitate NFC-based card…
Read More » -
Critical Alert: CISA Adds Actively Exploited Android Framework Integer Overflow (CVE-2025-48595) to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its security posture regarding a critical flaw in the Android Framework.…
Read More » -
codexui-android Supply Chain Attack: Stealing AI Tokens Through npm and Android
A sophisticated supply chain attack has been identified targeting the AI development ecosystem, leveraging a deceptive developer tool named codexui-android…
Read More » -
The Click You Didn’t Make: How Motorola’s “Helpful” Feed Hijacked Your Amazon Sessions
Motorola is currently under intense scrutiny following revelations that its preinstalled “Smart Feed” application was performing silent, unauthorized interceptions of…
Read More » -
Supply Chain Compromise: art-template NPM Package Weaponized to Deliver Coruna iOS Exploits
In a sophisticated supply-chain attack, threat actors have compromised the widely utilized art-template npm package, transforming a trusted JavaScript templating…
Read More » -
The Rise of Regional NFC Relay Malware: Deep Dive into DevilNFC and NFCMultiPay
Cybersecurity researchers have identified a sophisticated new evolution in mobile banking fraud: the DevilNFC malware family. This threat is distinguished…
Read More » -
The Pixel 10 Zero-Click Exploit Chain: From Audio Decoding to Kernel Control
In the high-stakes landscape of mobile security, a single oversight in a vendor-supplied driver can bypass even the most sophisticated…
Read More » -
Patch the Gap: Immediate Mitigation Steps for CVE-2026-32185 in Microsoft Teams Android
A critical security advisory has recently emerged concerning the Microsoft Teams mobile ecosystem. A newly identified vulnerability within the Android…
Read More » -
Critical Vulnerability Alert: Unauthenticated Remote Code Execution via CVE-2026-0073 in Android adbd
The threat landscape for Android ecosystems has shifted significantly following reports that a functional Proof-of-Concept (PoC) for CVE-2026-0073 is now…
Read More » -
Inside ‘CallPhantom’: Unmasking the Sophisticated Subscription Scams Targeting Android Users
A massive coordinated campaign of fraudulent utilities has been uncovered on the Google Play Store, where 28 deceptive applications—collectively amassing…
Read More » -
Deep Dive: How the CloudZ RAT Leverages Microsoft Phone Link for Mobile Data Exfiltration
In a sophisticated evolution of credential theft, a new modular Remote Access Trojan (RAT) known as CloudZ has surfaced, specifically…
Read More » -
Multiplatform Espionage: Deconstructing ScarCruft’s Sophisticated Supply-Chain Attack on Gaming Platforms
In a highly targeted display of cyber espionage, the North Korea-aligned APT group ScarCruft (also known as APT37 or Reaper)…
Read More » -
Critical Android Vulnerability CVE-2026-0073 Lets Hackers Execute Code Remotely
Google has officially released its Android Security Bulletin for May 2026, and the headline is a significant one. The update…
Read More »