EarSpy – Android New Attack Vector

EarSpy – Android New Attack Vector

A new evolving eavesdropping attack has been developed by a team of security experts for Android devices, dubbed EarSpy. With this attack type, threat actors can get hands-on sensitive content.…
Apple fixes 10th Zeroday Exploit of 2022

Apple fixes 10th Zeroday Exploit of 2022

Apple has released patches to address a new zero-day vulnerability (10th of year 2022), tracked as CVE-2022-42856, which is actively exploited in attacks against iPhones. Apple released security bulletins for…
Charybdis and Scylla Bound Malicious Apps

Charybdis and Scylla Bound Malicious Apps

The threat actors behind a newly discovered malicious advertising app operation has become more sophisticated, expanding beyond its previous Android-specific attacks into the iOS ecosystem. The latest campaign, included 80…
Apple Webkit Vulnerability gets a patch

Apple Webkit Vulnerability gets a patch

Apple has released updates to backport patches released this month to older iPhone and iPad devices addressing the CVE-2022-32893 flaw. This flaw is an out-of-bounds issue that impacts WebKit. An attacker can trigger the flaw by tricking…
Xiaomi Mobile Payment Vulnerability

Xiaomi Mobile Payment Vulnerability

Vulnerabilities in Xiaomi’s mobile payment could lead to an attacker stealing private keys used to sign Wechat Pay control and payment packages. The flaws were found in Xiaomi's trusted execution…
Pre-installed Android Apps a threat

Pre-installed Android Apps a threat

The Microsoft 365 Defender Research Team has discovered four vulnerabilities trackd as CVE-2021-42598,  CVE-2021-42599- Comnand injection Vulnerability,  CVE-2021-42600, and CVE-2021-42601- Privilege Escalation vulnerability, in a mobile framework, owned by mce Systems, that…