A vulnerability in some MediaTek-powered phones could allow attackers to extract encrypted data, including wallet seed ...

Caribou is an Android app that does what RFID cardkeys do with locked doors. Caribou remotely connects to a server managing the locks at a supposedly secure location, and exploits the servers’ poor ...

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...

Google released an Android update fixing 129 vulnerabilities, including a zero-day flaw linked to Qualcomm chips already exploited in attacks.

Like any other computer, smartphones are prone to some nasty malware, and the latest exploit discovered in Android is equal parts ingenious and horrifying. The last thing most Android users worry ...

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

On March 26, Symantec discovered 11 Android applications that were all made to appear like they were legitimate apps related to tracking cases in the Covid-19 pandemic, but which were in fact secretly ...

Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection Your email has been sent .NET MAUI’s hidden danger Bypassing security Malware’s evolving tactics The blob advantage ...

Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical ...