#android

Kaspersky uncovers SparkKitty, new spyware in Apple App Store & Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps.

Like its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device photo galleries.

Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker to read arbitrary files, see the list of files open in the IDE, get selection and diagnostics events from the IDE, or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs, an attacker could get selection events, a list of open files, and a list of syntax errors. **Remediation** We released a patch for this issue on June 13th, 2025. Although Claude Code auto-updates when you launch it and auto-updates the extensions, you...

Anubis ransomware group claims a 64GB data breach at Disneyland Paris, leaking some engineering files and attraction plans via its dark web site.

### Impact Under specific circumstances, text composables may contain unmasked sensitive data in Android session replays. You may be impacted if you meet the following conditions: - Using any `sentry-android` with versions < 8.14.0 - Using Jetpack Compose >= [1.8.0-alpha08](https://developer.android.com/jetpack/androidx/releases/compose-ui#1.8.0-alpha08) - Have configured Sentry Session Replays for Android If you do not use Jetpack Compose or have never used a version >= 1.8.0-alpha08 you are not impacted. If you have not configured [Session Replays for Mobile](https://docs.sentry.io/product/explore/session-replay/mobile/) you are not impacted. ### How do I check if I'm impacted? If you meet the conditions above, the `sentry-android` package includes a [specific error log](https://github.com/getsentry/sentry-java/blob/b2920907e6afb69a8027cedb251dd94a3514f0e6/sentry-android-replay/src/main/java/io/sentry/android/replay/viewhierarchy/ComposeViewHierarchyNode.kt#L252-L261) that woul...

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns," PRODAFT said in a report

Meta Platforms on Wednesday announced that it's adding support for passkeys, the next-generation password standard, on Facebook. "Passkeys are a new way to verify your identity and login to your account that's easier and more secure than traditional passwords," the tech giant said in a post. Support for passkeys is expected to be available "soon" on Android and iOS mobile devices. The feature is

Zimperium zLabs reveals GodFather malware’s advanced virtualization that hijacks mobile banking and crypto apps. Learn how it steals data on your phone.

The Android malware is targeting Turkish financial institutions, completely taking over legitimate banking and crypto apps by creating an isolated virtualized environment on a device.

WhatsApp has announced it will start showing its users targeted ads. Will this be yet another Meta "Pay or OK" choice?