APK Malformation Found in Thousands of Android Malware Samples
APK malformation tactic now appears in over 3000 Android malware samples evading static analysis
20 articles
APK malformation tactic now appears in over 3000 Android malware samples evading static analysis
Written by: Jamie Collier, Robin Grunewald Germany has reclaimed its position as a primary focus for cyber extortion in Europe. While data leak site (DLS) po...
Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions,...
108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
Posted by Jiacheng Lu, Software Engineer, Google Pixel Team Google is continuously advancing the security of Pixel devices. We have been focusing on hardenin...
Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie
Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises
Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks
Posted by Adam Gavish, Google GenAI Security Team Indirect prompt injection (IPI) is an evolving threat vector targeting users of complex AI applications wit...
Written by: Stuart Carrera Introduction Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving ...
Android requires dev identity verification for sideloaded apps; phased global rollout from September
Posted by Dirk Göhmann, Tony Mendez, and the Vulnerability Rewards Program Team 2025 marked a special year in the history of vulnerability rewards and bug bo...
Written by: Austin Larsen, Dima Lenz, Adrian Hernandez, Tyler McLellan, Christopher Gardner, Ashley Zaya, Michael Rudden, Mon Liclican, Muhammad Umair Introd...
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Posted by Eric Lynch, Product Manager, Android and Dom Elliott, Group Product Manager, Google Play Modern digital security is at a turning point. We are on t...
Expel has warned of malicious Chrome extensions stealing users’ AI conversations
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data