#android

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the

A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware…

The FCC has disconnected over a thousand voice operators from the public telephone network for not doing their part to stop robocallers.

To reduce the number of harmful apps targeting Android users, Google is making some changes.

TheTruthSpy is at it again. A security researcher has discovered a flaw in the Android-based stalkerware that allows anyone to compromise any record in the system.

Researchers have found 77 malicious apps in the official Google Play Store, ranging from adware to state of the art banking Trojans.

New features to take over smartphones and monitor user activity demonstrate the continued evolution of the malware, which is now being spread on GitHub.

Zscaler reports 77 Android apps on Google Play with 19 million installs spread malware, hitting 831 banks and…

The application constructs a shell command using unsanitized user input passed to the system() function, calling an external binary for authentication. Due to improper input handling and reliance on the binary's return value for access control, an attacker can inject special characters, such as a double quote (") to manipulate command parsing and induce execution failure. Since the application interprets any non-zero exit code from the binary as successful authentication, this flaw allows remote users to bypass authentication entirely without providing valid credentials.

Zimperium’s research reveals the Hook Android malware is now a hybrid threat, using ransomware and spyware to steal…