Tag Android

Google Fixes Quick Share Vulnerability Allowing Silent File Transfers Without Consent

Recent findings from cybersecurity experts reveal a vulnerability in Google’s Quick Share data transfer tool for Windows, which can be manipulated to cause denial-of-service (DoS) issues or transmit files to users’ devices without their consent. This flaw underscores serious security concerns for users relying on this peer-to-peer file-sharing utility. Categorized…

Read MoreGoogle Fixes Quick Share Vulnerability Allowing Silent File Transfers Without Consent

Google Launches Android Update to Address Two Actively Exploited Vulnerabilities

Google Addresses Vulnerabilities in Android with Latest Update In a recent security update, Google has addressed a total of 62 vulnerabilities in its Android operating system, revealing that two of these flaws have been exploited in real-world scenarios. The vulnerabilities, categorized as high-severity, stem from the USB sub-component of the…

Read MoreGoogle Launches Android Update to Address Two Actively Exploited Vulnerabilities

Microsoft Addresses 125 Vulnerabilities, Including Exploited Windows CLFS Flaw

In recent developments, Microsoft has unveiled critical security patches addressing a staggering array of 125 vulnerabilities across its software platforms. Among these, one vulnerability has been identified as under active exploitation in the wild, raising significant alarms within the cybersecurity community. Of the reported vulnerabilities, 11 are designated as Critical,…

Read MoreMicrosoft Addresses 125 Vulnerabilities, Including Exploited Windows CLFS Flaw

Experts Caution About RambleOn Android Malware Aiming at South Korean Journalists

Recent investigations reveal a sophisticated malware campaign allegedly orchestrated by North Korean state-sponsored actors targeting a journalist in South Korea. The malware, identified as RambleOn by the South Korean non-profit organization Interlab, appears to be part of a broader social engineering strategy aimed at gathering sensitive information. The spyware masquerades…

Read MoreExperts Caution About RambleOn Android Malware Aiming at South Korean Journalists

Researchers Identify 46 Key Vulnerabilities in Solar Power Systems from Sungrow, Growatt, and SMA

Cybersecurity researchers have revealed 46 critical security vulnerabilities in products provided by three prominent solar power system manufacturers: Sungrow, Growatt, and SMA. These vulnerabilities may allow malicious actors to commandeer affected devices or execute remote code, posing significant risks to electrical grid stability. Designated as SUN:DOWN by Forescout Vedere Labs,…

Read MoreResearchers Identify 46 Key Vulnerabilities in Solar Power Systems from Sungrow, Growatt, and SMA

Google Reveals 75 Zero-Day Exploits in 2024 — 44% Aimed at Enterprise Security Solutions

In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise products, with 20 affecting security software and appliances. The Google…

Read MoreGoogle Reveals 75 Zero-Day Exploits in 2024 — 44% Aimed at Enterprise Security Solutions

Urgent Update: Google Addresses Exploited Android Vulnerability (CVE-2025-27363)

On May 1, 2025, Google released its latest monthly security updates for Android, addressing 46 security vulnerabilities, including a high-severity flaw that has been confirmed as exploited in the wild. This specific vulnerability, registered as CVE-2025-27363, boasts a CVSS score of 8.1, indicating significant potential risks due to its ability…

Read MoreUrgent Update: Google Addresses Exploited Android Vulnerability (CVE-2025-27363)

German and South Korean Agencies Caution Against Kimsuky’s Growing Cyber Attack Techniques

Cyber Threat Alert: Kimsuky Group Targets Gmail Inboxes Using Rogue Browser Extensions Recent advisories from government agencies in Germany and South Korea have highlighted a concerning wave of cyberattacks attributed to a North Korean threat actor known as Kimsuky. This group has been leveraging malicious browser extensions to infiltrate users’…

Read MoreGerman and South Korean Agencies Caution Against Kimsuky’s Growing Cyber Attack Techniques

New Malware Threat: SpyNote, BadBazaar, and MOONSHINE Target Android and iOS Users Through Fake Apps

April 11, 2025
Spyware / Mobile Security

Cybersecurity experts have uncovered a dangerous trend where threat actors are using deceptive websites on newly registered domains to spread SpyNote, a notorious Android malware. These fraudulent sites mimic Google Play Store installation pages for popular apps like the Chrome browser, aiming to trick users into downloading the malware. According to the DomainTools Investigations (DTI) team, the attackers employed a combination of English and Chinese-language delivery sites and even included Chinese-language comments in the site code and the malware itself.

SpyNote (also known as SpyMax) is a remote access trojan infamous for its capability to collect sensitive information from compromised Android devices by exploiting accessibility services. In May 2024, the malware was distributed via another fake site that posed as a legitimate antivirus program, Avast. Further analysis from mobile security firm Zimperium revealed additional tactics employed by these cybercriminals…

SpyNote, BadBazaar, and MOONSHINE Malware Exploit Fake Apps to Target Android and iOS Users April 11, 2025 Focus on Spyware / Mobile Security Recent investigations by cybersecurity experts have unveiled a concerning trend: threat actors are leveraging newly registered domains to create deceptive websites that distribute a dangerous Android malware…

Read More

New Malware Threat: SpyNote, BadBazaar, and MOONSHINE Target Android and iOS Users Through Fake Apps

April 11, 2025
Spyware / Mobile Security

Cybersecurity experts have uncovered a dangerous trend where threat actors are using deceptive websites on newly registered domains to spread SpyNote, a notorious Android malware. These fraudulent sites mimic Google Play Store installation pages for popular apps like the Chrome browser, aiming to trick users into downloading the malware. According to the DomainTools Investigations (DTI) team, the attackers employed a combination of English and Chinese-language delivery sites and even included Chinese-language comments in the site code and the malware itself.

SpyNote (also known as SpyMax) is a remote access trojan infamous for its capability to collect sensitive information from compromised Android devices by exploiting accessibility services. In May 2024, the malware was distributed via another fake site that posed as a legitimate antivirus program, Avast. Further analysis from mobile security firm Zimperium revealed additional tactics employed by these cybercriminals…