mobile
Russia to enforce location tracking app on all foreigners in Moscow
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. The new proposal was announced by the chairman of the State Duma, Vyacheslav Volodin, who presented it as a measure to tackle migrant crimes. “The adopted mechanism will allow, using modern technologies, […]
Android 16 expands ‘Advanced Protection’ with device-level security
Google is announcing improvements for the Advanced Protection feature in Android 16 that strengthen defenses against sophisticated spyware attacks. The Android platform has been a constant target for spyware campaigns and sophisticated attacks using digital forensics platforms that often rely on zero-day vulnerabilities to infect devices with minimal or no user interaction. Google already offers the ‘Advanced Protection Program‘ […]
Bluetooth 6.1 enhances privacy with randomized RPA timing
The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol. One new feature highlighted in the latest release is the increased device privacy via randomized Resolvable Private Addresses (RPA) updates. “Randomizing the timing of address changes makes it much more difficult for third parties […]
Google fixes actively exploited FreeType flaw on Android
Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. FreeType is a popular open-source font rendering library that displays and programmatically adds text to images. The flaw, tracked as CVE-2025-27363, is a high-severity arbitrary code execution bug discovered by […]
Microsoft ends Authenticator password autofill, moves users to Edge
Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. The decision is to streamline autofill support and consolidate credentials management under a single platform, Microsoft Edge. The move requires action from impacted users as they are given […]
Russian army targeted by new Android malware hidden in mapping app
A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. Attackers promote the trojanized app as a free, cracked version of the premium Alpine Quest Pro, using Telegram channels and Russian app catalogs for distribution. […]
Toll payment text scam returns in massive phishing wave
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to […]
Verizon Call Filter API flaw exposed customers’ incoming call history
A vulnerability in Verizon’s Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request. The flaw was discovered by security researcher Evan Connelly on February 22, 2025, and was fixed by Verizon sometime in the following month. However, the total period of exposure is unknown. Verizon’s Call […]
Apple backports zero-day patches to older iPhones and Macs
Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. At the same time, the consumer tech giant released security updates for the latest stable iOS, iPadOS, and macOS, addressing numerous security flaws. Backporting zero-day fixes The first backport concerns CVE-2025-24200, a flaw […]
New Android malware uses Microsoft’s .NET MAUI to evade detection
New Android malware campaigns use Microsoft’s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. The tactic was observed by McAfee’s Mobile Research Team, a member of the App Defense Alliance dedicated to enhancing Android security. Although the apps McAfee observed target users in China and India, uncovering the attacks is important […]