Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon

The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs," the Genians

The Hacker News
Open in Source
#web#android#mac#windows#google#microsoft#js#git#java#auth#The Hacker News
LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images

Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now.

Fantasy Hub is spyware for rent—complete with fake app kits and support

Fantasy Hub RAT-for-rent hides in fake Android apps, stealing logins, PINs, and messages—all with a single SMS permission.

⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast

Watch out for Walmart gift card scams

The only thing you’re winning here is a spot on marketing lists you never asked to join.

A week in security (November 3 – November 9)

A list of topics we covered in the week of November 3 to November 9 of 2025

Malwarebytes scores 100% in AV-Comparatives Stalkerware Test 2025

AV-Comparatives put 13 top Android security apps to the test against stalkerware. Malwarebytes caught them all.

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary

From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools

A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues. The organization, according to a report from Broadcom's Symantec and Carbon Black teams, is "active in attempting to influence U.S. government

Android malware steals your card details and PIN to make instant ATM withdrawals

Forget card skimmers—this Android malware uses your phone’s NFC to help criminals pull cash straight from ATMs.