Pierluigi Paganini
August 06, 2025
Google addressed multiple Android flaws, including two Qualcomm vulnerabilities that were actively exploited in the wild. Google released security updates to address multiple Android vulnerabilities, including two Qualcomm flaws, tracked as CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), that were actively exploited in the wild. In June, Google Android Security team reported three […]
Pierluigi Paganini
August 04, 2025
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT called PlayPraetor, which has infected over 11,000 devices, mainly in Portugal, Spain, France, Morocco, Peru, and Hong Kong. The malware is spreading rapidly, with more than 2,000 new […]
Pierluigi Paganini
July 15, 2025
A new Konfety Android malware variant uses a malformed ZIP and obfuscation to evade detection, posing as fake apps with no real functionality. Zimperium zLabs researchers are tracking a new, sophisticated Konfety Android malware variant that uses an “evil-twin” tactic and duplicate package names to avoid detection. The new Konfety malware variants use malformed ZIP, […]
Pierluigi Paganini
July 04, 2025
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered […]
Pierluigi Paganini
June 03, 2025
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America. […]
Pierluigi Paganini
May 06, 2025
Google addressed 46 Android security vulnerabilities, including one issue that has been exploited in attacks in the wild. Google’s monthly security updates for Android addressed 46 flaws, including a high-severity vulnerability, tracked as CVE-2025-27363 (CVSS score of 8.1), that has been exploited in the wild. The company did not disclose any details regarding the attacks […]
Pierluigi Paganini
April 24, 2025
A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, targeting Russian military personnel. The malicious code was hidden in a trojanized Alpine Quest app and spread via Russian Android catalogs. The malware steals […]
Pierluigi Paganini
April 21, 2025
‘SuperCard X’ – a new MaaS – targets Androids via NFC relay attacks, enabling fraudulent POS and ATM transactions with stolen card data. Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks for fraudulent cash-outs. Attackers promote the MaaS through Telegram channels, analysis shows SuperCard X builds […]
Pierluigi Paganini
April 08, 2025
Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days. Google released Android ‘s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio. Malicious devices […]
Pierluigi Paganini
March 29, 2025
The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. “Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from […]
