Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. "The attack began with victims receiving SMS messages suggesting the need to update a mobile banking application," researchers from CSIRT KNF said in an analysis released last week. "The

The Hacker News
Open in Source
#web#android#mac#google#git#samsung#auth#chrome#The Hacker News
Fake Ads Manager Software and Malicious Extensions Target Facebook Accounts

By Deeba Ahmed The attack's perpetrators are Vietnamese, as confirmed by Malwarebytes. This is a post from HackRead.com Read the original post: Fake Ads Manager Software and Malicious Extensions Target Facebook Accounts

Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew

Categories: Podcast This week on Lock and Code, we speak with maia arson crimew about the hack of the monitoring app LetMeSpy, which many have labeled as stalkerware. (Read more...) The post Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew appeared first on Malwarebytes Labs.

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from

A week in security (July 10 - 16)

Categories: News Tags: week Tags: security Tags: July Tags: 2023 A list of topics we covered in the week of July 10 to July 16 of 2023 (Read more...) The post A week in security (July 10 - 16) appeared first on Malwarebytes Labs.

Google Removes Swing VPN Android App Exposed as DDoS Botnet

By Waqas The developer behind the malicious app, Limestone Software Solutions, has also been banned from the Google Play Store. This is a post from HackRead.com Read the original post: Google Removes Swing VPN Android App Exposed as DDoS Botnet

CVE-2023-2507: GitHub - CleverTap/clevertap-cordova: CleverTap Cordova Plugin

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them.

CVE-2023-36888

Microsoft Edge for Android (Chromium-based) Tampering Vulnerability

Fake THREADS App Climbs to Number 1 Spot on Apple Store in Europe

By Habiba Rashid Due to privacy concerns, Meta has not yet released the Threads app in EU countries, creating a loophole for criminals to upload fake versions of the app. This is a post from HackRead.com Read the original post: Fake THREADS App Climbs to Number 1 Spot on Apple Store in Europe

QR codes are relevant again for everyone from diners to threat actors

QR codes have always served as a way for bad actors to spread malware or even your friendly neighborhood prankster to share Rick Astley’s most famous music video.