Other instant messaging apps also targeted by malware. Researchers have discovered a new type of Android malware that steals data from instant messaging apps on Android devices.
Another day, some more Android malware, although this particular strain has a couple of ingenious tricks up its sleeve. A series of apparently innocent QR Code reader apps appear to have potentially compromised 500,000 users.
A new Android malware family dubbed HenBox is targeting a large online population based in China who have been the subject of numerous cyber-attacks in the past.
Researchers warn that malware could be used to blackmail users. New malware has been discovered that could eavesdrop on Android smartphone users and run up huge bills.
A new version of a familiar menace, AndroRAT, has emerged from out of the trash to exploit long forgotten vulnerabilities.
Drive-by cryptomining campaigns were spotted targeting millions of Android devices via infected apps and malicious browser redirects.
Malicious cryptominers are going mobile and beyond with a new botnet malware targeting Android-based devices that expose debug capabilities to the internet, for the purpose or mining Monero.
Mozilla patched an unsanitised output flaw in its Firefox browser user interface that could lead to arbitrary code execution.
A new threat actor named Dark Caracal working out of a building operated by the Lebanese General Directorate of General Security (GDGS) has been identified as being behind cyber-attacks hitting victims in more than 20 nations.
Three Sonic the Hedgehog games for Android devices that collectively have been downloaded well over a hundred million times are leaking users' geolocation and device data to uncertified servers.
Researchers have discovered a fake utility app called Swift Cleaner that they believe may be the first Android mobile malware developed using the open-source Kotlin programming language.
A newly discovered mobile adware program called LightsOut was recently observed in 22 fake Android flashlight and utility applications, reportedly prompting their removal from the Google Play Store.
A credentials-stealing malware program disguised as an Android app was recently found spoofing an Uber user interface, and even leveraging a deep link uniform resource identifier from the ride-sharing app to appear legitimate.
A newly discovered spyware that victimises Arabic-speakers has been potentially linked to the 2014-15 Sphinx cyber espionage campaign, which was launched by the threat group APT-C-15 to target PC users in the Middle East.
A serious vulnerability in Android could put millions of devices at risk from attackers modifying code in applications without affecting their signatures.
Checkpoint researchers discovered several vulnerabilities in Android application developer tools that put any organisation that does Java/Android development at risk of an outsider gaining access to their system.
Collectively downloaded millions of times, 158 fake Android applications containing mobile malware were recently found smuggled into the Google Play Store.
A new malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability, which once installed, can download additional malware as well as use various permissions to access the phone.
An Android banking trojan dubbed LokiBot turns into a ransomware when users try to remove its admin privileges in a last ditch effort to extort the user.
The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.
A new vulnerability has been discovered affecting older versions of the Google Android Platform.It can be used to easily enable an "overlay attack", tricking the user into unwittingly installing malware onto the device.
In the first half of 2017, incidences of Android malware increased more than five percent since the start of the year. Most notably, incidents of Android ransomware increased 138 percent in Q2 .
Highly sophisticated SpyDealer malware attacks Android operating systems and can exfiltrate data from a range of popular apps.
A new Microsoft Authenticator app feature sends device owners a notification when they sign in, rather than a one-time code to enter. Users simply tap an "Approve" button to access their accounts.
According to the researchers, the apps were infected with "tiny hidden iFrames that link to malicious domains in their local HTML pages".
With such low adoption rates of the latest security patches, security bods have said it is increasingly difficult to protect Android users who might not be tech-savvy enough out of harm's way.
In Case You Missed It: HMRC implements DMARC; Windows bug revealed; UK-China cooperation; ViperRat hacks Israeli defence; Supply-chain attack hidden
ViperRat discovered by researchers, designed to exfiltrate data from Israeli Defence Force via Android phones using honey traps.
In Case You Missed IT, this week's top stories on SCMedia were: Intel CPU vulnerability; German HR ransomware; Ransomware targets schools; Android most vulnerable; Exploding smart meters?
The Common Vulnerabilities and Exposures (CVE) statistics for 2016 are in and it doesn't make great reading for Google. Or does it? Davey Winder runs the numbers.