New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by ...

"Pixnapping" vulnerability lets Android apps steal 2FA codes in 30 seconds

The 30 second interval was picked as authentication codes refresh within that time. Pixnapping bypasses Android's entire ...
Infosecurity-magazine.com

Large-Scale Malicious App Campaign Bypassing Android Security

A large-scale ad fraud campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store, according to a new analysis by Bitdefender. These apps display ...
HotHardware

Alarming TapTrap Attack Employs An Invisible UI Trick To Bypass Android Security

A group of security researchers has developed an alarming tapjacking attack called TapTrap, which allows zero-permission apps to carry out actions that are not displayed on the screen. With TapTrap, ...
The Hacker News

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround ...

Pixnapping can steal 2FA codes and messages on Android phones: Here’s how you can stay safe

New Android exploit “Pixnapping” can secretly read on-screen data like 2FA codes and messages using pixel timing — even ...
Crypto News

Warning to Android Crypto Users: New ‘Pixnapping’ Attack Can Steal Seed Phrases ...

Researchers have detailed the Pixnapping attack on Android, which has inferred on-screen data and exposed seed phrases and ...
The Daily Hodl

Hackers Exploiting WhatsApp To Steal Bank Customers’ Credentials, Warns Cybersecurity ...

Cybersecurity researchers are warning about a dangerous new malware strain that targets banking customers by exploiting ...
Bleeping Computer

Critical auth bypass bug in CrushFTP now exploited in attacks

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security ...