Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. https://lnkd.in/gwh6QH5P
New malware targets Brazilian users with Chromium browser extension
More Relevant Posts
-
Pixnapping attack lets malicious apps steal sensitive data from Android devices
The attack works, but requires a lot of "ifs" to properly achieve its goal
https://buff.ly/03fMVub #CyberSecurity
-
Android's 2FA codes and private messages could be stolen in under 30 seconds ⌛—without a malicious app needing any permissions. This new "Pixnapping" attack is a stark reminder that security isn't just about permissions. By exploiting a GPU side-channel, a malicious app can effectively "read" your screen pixel by pixel, stealing any visible data. The key takeaway? Be extremely cautious about where you download apps. Sideloading remains a primary risk. https://lnkd.in/eFWrhDhb #CyberSecurity #Android #InfoSec #2FA #DataPrivacy #Pixnapping
-
Here’s the breakdown: 77 malicious Android apps slipped into Google Play, racking up over 19 million installs—packed with Joker malware, maskware, and even the Anatsa banking trojan. Crafty evasion tricks—including malformed APKs and dynamic decryption—helped them fly under the radar until Zscaler’s ThreatLabs raised the alarm. Google removed them after discovery, but the risks remain. #Observability isn’t just about uptime—it’s about spotting what shouldn’t be there. Read the full details to see why visibility and transparency are non-negotiable. #AndroidSecurity #MalwareDefense
-
🔒 A new Android vulnerability, dubbed “Pixnapping,” could allow malicious apps to steal sensitive on-screen data, including 2FA codes, emails, chats, and map details, from other apps in under 30 seconds. Developed as a proof of concept by researchers from UC Berkeley, UC San Diego, UW, and Carnegie Mellon, the exploit targets Android APIs and affects nearly all modern Android devices. While no active attacks have been detected, a full patch isn’t yet available. Google has issued a partial fix with more updates expected in December. Read more by Alexander Culafi in Dark Reading on this evolving threat: https://lnkd.in/ekK6zHbX #Cybersecurity #AndroidSecurity #Pixnapping #DataProtection #2FA #DarkReading
-
One Typo Could Cost You Everything!

Your team visits hundreds of websites daily. But what if they're landing on fake ones, without realizing it?

Cybercriminals create look-alike websites with nearly identical URLs:
* goggle(dot)com
* arnazon(dot)com
* microsoft-help(dot)com

A single rushed employee clicking on a fake URL is all it takes for credentials to be stolen, malware to be installed, or your network to be compromised.

Threats Your Team Faces: Fake QR codes, malicious mobile apps, spoofed websites appearing in paid search results; the list goes on and on. AND, hackers are constantly creating new ways to trick users. It is an endless cycle. Vigilance is the key to your safety!

Protect Your Business NOW:
* Train your team to bookmark key sites (banking, vendors, cloud services)
* Always verify the padlock icon and exact URL before logging in
* Deploy enterprise-grade security that blocks malicious domains
* Double-check URLs on mobile devices. They're easier to spoof

While technology is your safety net, your employees are the first line of defense. Train them. #CyberSecurityAwareness #SmallBusinessSecurity #PhishingPrevention
-
APIs are the digital handshake of your apps—secure that grip! Don’t just trust tokens; validate inputs, monitor traffic, and patch regularly. An open API without robust security is an open door for hackers. Lock it down before they walk in. 🛡️ #APISecurity #PentestingTips
-
Wow - #Vidar Stealer Bypassing Browser Security Via Direct Memory Injection to Steal Login Credentials

The injected payload operates entirely within browser memory, extracting encryption keys directly from the active process address space rather than attempting to decrypt them from storage. The stolen encryption keys are then communicated back to the main malware process via named pipes, a technique that avoids creating disk artifacts that could be detected by forensic analysis or security software.

Stay secure. https://lnkd.in/eNxsN9yz
-
🚨 Android Malware Masquerades as Telegram X to Seize Full Device Control

Security researchers at Doctor Web have uncovered a sophisticated Android backdoor, Android.Backdoor.Baohuo 1.origin, disguised as Telegram X. This malware grants attackers complete control over infected devices and Telegram accounts.

📱 Key Threat Features:
* Redis-based command and control infrastructure, a first in Android malware
* Clipboard interception exposes sensitive data like crypto wallet seeds and passwords
* Session cloaking to hide unauthorized access from victims
* Autonomous channel manipulation (joining, adding/removing users) without user awareness
* Multi-platform infection across smartphones, tablets, TV boxes, and even Android-based vehicles

🌍 Global Impact: Over 58,000 devices are infected, with active targeting in Brazil and Indonesia. Malware spreads via fake app stores and deceptive ads embedded in legitimate apps.

🧠 Technical Innovation: The malware uses three deployment variants, including LSPatch injection, while maintaining full Telegram functionality to avoid detection. Redis integration provides redundant C2 channels, enhancing resilience and stealth.

🔎 Takeaway: This marks a new era in mobile malware sophistication, blending deep system access with seamless user deception. Security teams must monitor third-party app sources and implement mobile threat defense solutions.

#CyberSecurity #AndroidMalware #TelegramX #MobileThreats #RedisC2 #DoctorWeb #Infosec #ThreatIntel #MalwareAnalysis #APT #CyberThreats #ClipboardHijack #SOC #MobileSecurity
-
Even “legit” downloads can be compromised. #FortiGuard Labs researchers uncovered campaigns using SEO poisoning to spread fake versions of popular apps like Chrome, Signal, and WhatsApp. The installers deliver both the real app and #malware such as Gh0st RAT variants—making infections harder to detect. Article: #SC Media Read more: http://ftnt.me/F4525D
-
Even “legit” downloads can be compromised. #FortiGuard Labs researchers uncovered campaigns using SEO poisoning to spread fake versions of popular apps like Chrome, Signal, and WhatsApp. The installers deliver both the real app and #malware such as Gh0st RAT variants—making infections harder to detect. Article: #SC Media Read more: http://ftnt.me/57C05A