android
Google nukes 224 Android malware apps behind massive ad fraud campaign
A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. The ad fraud campaign was discovered by HUMAN’s Satori Threat Intelligence team, which reported that the apps were downloaded over 38 million times and employed obfuscation and steganography to conceal the […]
Samsung patches actively exploited zero-day reported by WhatsApp
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. Tracked as CVE-2025-21043, this critical security flaw affects Samsung devices running Android 13 or later and was reported by the security teams of Meta and WhatsApp on August 13. As Samsung explains in a recently updated advisory, this […]
Pixel 10 fights AI fakes with new Android photo verification tech
Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with artificial intelligence technology. The American company notes that the problem of labeling synthetic media has become bigger in recent years as traditional approaches are no longer suitable […]
Signal adds secure cloud backups to save and restore chats
Signal has introduced a new opt-in feature that helps users create end-to-end encrypted backups of their chats, allowing them to restore messages even if their phones are damaged or lost. Secure backups are already available in the latest Signal beta version for Android users and will also be rolled out to iOS and desktop devices […]
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws. The two flaws that were detected as exploited in zero-day attacks are CVE-2025-38352, an elevation of privilege in the Android kernel, and CVE-2025-48543, also an elevation of privilege problem in the Android Runtime component. Google noted […]
Brokewell Android malware delivered through fake TradingView ads
Cybercriminals are abusing Meta’s advertising platforms with fake offers of a free TradingView Premium app that spreads the Brokewell malware for Android. The campaign targets cryptocurrency assets and has been running since at least July 22nd through an estimated 75 localized ads. Brokewell has been around since early 2024 and features a broad set of capabilities that […]
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from sideloaded apps sourced from outside the official Google Play app store. For apps on Google Play, there was already a requirement for publishers to provide a D-U-N-S (Data Universal Numbering System) number, introduced on August 31, 2023. Google says this has had a notable […]
Malicious Android apps with 19M installs removed from Google Play
Seventy-seven malicious Android apps with more than 19 million installs were delivering multiple malware families to Google Play users. This malware infiltration was discovered by Zscaler’s ThreatLabs team while investigating a new infection wave with Anatsa (Tea Bot) banking trojan targeting Android devices. While most of the malicious apps (over 66%) included adware components, the most common Android […]
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia’s Federal Security Services agency (FSB) is being used to target executives of Russian businesses. In a new report from Russian mobile security firm Dr. Web, researchers track the new spyware as ‘Android.Backdoor.916.origin,’ finding no links to known malware families. Among its various […]
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator’s infrastructure. The code base was discovered in an open directory by Hunt.io researchers while scanning for exposed resources in March 2024. They located an archive named Ermac 3.0.zip, which contained the malware’s code, including backend, […]