Caribou is an Android app that does what RFID cardkeys do with locked doors. Caribou remotely connects to a server managing the locks at a supposedly secure location, and exploits the servers’ poor ...

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...

Google has confirmed that a critical Android vulnerability, CVE-2026-0073, could enable remote code execution without any ...

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs.

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk.

Like any other computer, smartphones are prone to some nasty malware, and the latest exploit discovered in Android is equal parts ingenious and horrifying. The last thing most Android users worry ...

Google has confirmed a critical security vulnerability across Android versions 14, 15 and 16 that requires no user ...

Your phone lock screen is supposed to be your last line of defense. If your device gets lost or stolen, that PIN or passcode should keep strangers out of your photos, messages and financial apps. But ...

Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical ...