Security
Headlines
HeadlinesLatestCVEs

Tag

#android

How Phished Data Turns into Apple & Google Wallets

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Krebs on Security
Open in Source
#vulnerability#web#android#apple#google#git#auth#blog
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake

A week in security (February 10 – February 16)

A list of topics we covered in the week of February 10 to February 16 of 2025

The Official DOGE Website Launch Was a Security Mess

Plus: Researchers find RedNote lacks basic security measures, surveillance ramps up around the US-Mexico border, and the UK ordering Apple to create an encryption backdoor comes under fire.

Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority. Users who attempt

Massive 1.17TB Data Leak Exposes Billions of IoT Grow Light Records

Massive 1.17 TB data leak exposes billions of records from a Chinese IoT grow light company. Wi-Fi passwords,…

Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for

Apple fixes zero-day vulnerability used in “extremely sophisticated attack”

Apple has released an out-of-band security update for a vulnerability which it says may have been exploited in an "extremely sophisticated attack against specific targeted individuals.”

Phishing evolves beyond email to become latest Android app threat

Android phishing apps are the latest, critical threat for Android users, putting their passwords in danger of new, sneaky tricks of theft.

Apple ordered to grant access to users’ encrypted data

The UK has demanded Apple provides it with a worldwide backdoor into iCloud backups. Privacy organizations are furious.