Tag: Android
Leftover Debug Flag in Microsoft 365 Android Apps Exposed Account Tokens
A leftover debug flag in Microsoft's shared Android SDK allowed any app on the same device to steal FOCI authentication…
MagicAd Android Trojan Uses Translucent Overlays to Bypass Ad Permissions
MagicAd uses translucent activity windows to display ads without Android's overlay permission, and was found in over 50 apps on…
Google Addresses 124 Android Flaws in June 2026 Security Update Amid Active Exploit
Google's June 2026 Android security update patches 124 vulnerabilities, including one high severity Framework flaw already exploited in limited targeted…
Fake News and PDF Apps Deploy Asin Spyware on Android Devices
ESET discovered the Asin Android spyware targeting Arabic speakers through fake government news sites, PDF editors, and war map applications…
CISA Adds Two Actively Exploited Flaws to Known Vulnerabilities Catalog
Two high severity vulnerabilities in Android and Linux kernel are now under active exploitation, forcing federal agencies to patch by…
Android Notification Poisoning Attack Lets Gemini Assistants Be Hijacked Remotely
SafeBreach researcher Or Yair discovered that Google Gemini on Android can be hijacked through poisoned notifications from WhatsApp, Slack, SMS,…
Forgotten Debug Flag in Microsoft 365 Android Apps Exposed Account Tokens to Any App
An overlooked debug flag in six Microsoft 365 Android apps allowed any untrusted app on the device to silently steal…
Android Framework Flaw Under Active Attack Allows Remote Privilege Escalation
The Android Framework vulnerability allows remote privilege escalation without user interaction, impacting devices running Android 14 through 16 QPR2.