GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks…
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to…
Why IT Admins Choose Samsung for Mobile Security
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for…
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware…
Securing the Open Android Ecosystem with Samsung Knox
Raise your hand if you've heard the myth, "Android isn't secure." Android phones, such as the Samsung Galaxy, unlock new ways of working. But,…
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting…
Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected…
New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns…
Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to…
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal…
In Defense of Good Bots: Good Bots Exist, But Only When We Build Them That Way
The word “bot” doesn’t have the best reputation right now. You hear it and think of election manipulation, fake social media…
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike…
ClayRat Spyware Campaign Targets Android Users in Russia
A rapidly evolving Android spyware campaign known as “ClayRat” has been discovered targeting Russian users through Telegram…
CISA KEV Catalog Update October 2025 – Part I
CISA recently updated its Known Exploited Vulnerabilities (KEV) catalog with critical vulnerabilities across GNU Bash, Juniper, Samsung,…
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro
Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps like Signal and ToTok to…
That annoying SMS phish you just got may have come from a box like this
The researchers added: “This campaign is notable in that it demonstrates how impactful smishing operations can be executed using simple,…
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones
A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections…
48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild
A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild. The…
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO)…
Experts Warn of Global Breach Risk from Indian Suppliers
Global supply chains could be at risk after a new report revealed a surprisingly high share of Indian vendors have suffered a third-party…
The Future of Travel Technology
As technology continues to advance in society, everyday necessities are becoming more accessible by the day. Electronic passports are quickly…
Ivanti EPMM holes let miscreants plant shady listeners, CISA says
An unknown attacker has abused a couple of flaws in Ivanti Endpoint Manager Mobile (EPMM) and deployed two sets of malware against an unnamed…
WatchGuard Patches Critical Firebox Firewall Flaw (CVE-2025-9242) With 9.3 CVSS Score
WatchGuard has issued security updates addressing a vulnerability, tracked as CVE-2025-9242, affecting its Firebox firewall devices. This flaw…
CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new Malware Analysis Report (MAR) detailing how threat actors are…
Critical WatchGuard Vulnerability Allows Unauthenticated Attacker to Execute Arbitrary Code
A critical vulnerability has been discovered in WatchGuard’s Firebox firewalls, which could allow a remote, unauthenticated attacker to…
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228…
Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices
Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked as…
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks
Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in…
Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity
Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity (C2PA) standard…
CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates
Ddos September 11, 2025 The CoreDNS project has disclosed a vulnerability in its etcd plugin, tracked as CVE-2025-58063 (CVSS 7.1), which…
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication (NFC) relay attacks to a…
Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack
Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September…
CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE…
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue…
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute…
iPhone Users Urged to Update to Patch 2 Zero-Days
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are…
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay…