Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call historie...
20 articles
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call historie...
The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.
Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes. The post Flaw in Claude’s Chrome exten...
Anthropic Claude’s Chrome browser extension, known as Claude in Chrome, has a bug that can allow other malicious extensions to hijack it, compromising truste...
Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such a...
Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension. The post Vulnerability in Claud...
People use mental health apps to talk about depression, trauma and suicidal thoughts in moments they may not share with anyone else. Many users likely assume...
NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allo...
Over the past decade, Google has introduced a wide range of bug bounty programs for its software and services. The company has now announced that the reward ...
The fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities. The post Chrome 148 Rolls Out With 127 Security Fixe...
28 fake “call history” utilities on Google Play, collectively installed more than 7.3 million times, have been exposed as subscription scams that generate fa...
Cybersecurity researcher Alexander Hanff claims that Google Chrome automatically installs a 4GB Gemini Nano AI model without user notification or consent.
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclo...
A new Mirai‑based botnet, xlabs_v1, hijacks ADB‑exposed IoT devices for powerful DDoS attacks, with 21 flooding methods and DDoS‑for‑hire use. A new Mirai‑de...
Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records...
ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven mil...
Hackers are abusing Google Ads to steal GoDaddy ManageWP credentials by placing a look‑alike phishing ad above the legitimate ManageWP result and proxying vi...
Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company...
A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPr...
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug...