Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Pegasus spyware creator ordered to reveal code used to spy on WhatsApp users

Meta has won a court case against spyware vendor NSO Group to reveal the Pegasus spyware code that allows spying on WhatsApp users.

Malwarebytes
Open in Source
#vulnerability#ios#android#asus#zero_day#sap
New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs

By Deeba Ahmed The CHAVECLOAK banking Trojan employs PDFs, ZIP downloads, DLL sideloading, and deceptive pop-ups to target Brazil's unsuspecting banking users financial sector.  This is a post from HackRead.com Read the original post: New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs

How Cybercriminals are Exploiting India's UPI for Money Laundering Operations

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam

Nepali Hacker Tops Hall of Fame by Exposing Facebook’s Zero-Click Flaw

By Deeba Ahmed It is unclear how much the hacker received as part of the Facebook bug bounty program. This is a post from HackRead.com Read the original post: Nepali Hacker Tops Hall of Fame by Exposing Facebook’s Zero-Click Flaw

CryptoChameleon Phishing Scam Targets Crypto Users and FCC Employees

By Deeba Ahmed Lookout urges crypto users to be on the lookout of the new and tricky phishing campaign. This is a post from HackRead.com Read the original post: CryptoChameleon Phishing Scam Targets Crypto Users and FCC Employees

Android Money Transfer XHelper App Exposed as Money Laundering Network

By Deeba Ahmed Don't confuse the XHelper app with the notorious XHelper malware, which targets Android devices and is notoriously difficult to remove. This is a post from HackRead.com Read the original post: Android Money Transfer XHelper App Exposed as Money Laundering Network

Savvy Seahorse Using Fake ChatGPT, Facebook Ads in DNS Investment Scam

By Deeba Ahmed The scammers creates fake investment platforms using popular companies like Tesla, Meta, and Imperial Oil and lures unsuspecting users into depositing funds. This is a post from HackRead.com Read the original post: Savvy Seahorse Using Fake ChatGPT, Facebook Ads in DNS Investment Scam

Facebook bug could have allowed attacker to take over accounts

A vulnerability, now fixed, in Facebook could have allowed an attacker to take over a Facebook account without the victim needing to click on anything at all.

CVE-2024-26196: Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Telegram For Android Connection::onReceivedData Use-After-Free

In the tgnet library used in Telegram messenger for Android, there is a use-after-free vulnerability in Connection::onReceivedData that can be triggered remotely.