9 articles tagged with #mobile-security. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.
Microsoft discovered a critical vulnerability in the EngageLab SDK that exposed private wallet data across 30 million Android installations. The flaw allowed malicious applications to gain unauthorized read and write access to sensitive user information through Android intents, posing significant risks to cryptocurrency wallet users globally.
Ledger's security team discovered a critical vulnerability in MediaTek's secure boot chain that allows attackers to steal cryptocurrency seed phrases from Android devices in just 45 seconds. MediaTek has since patched the security flaw that could have compromised sensitive crypto wallet information on affected Android devices.
A security vulnerability in MediaTek-powered Android phones could allow attackers to extract encrypted data, including cryptocurrency wallet seed phrases, through a USB connection. This security flaw poses significant risks to crypto users who store wallet data on affected devices.
Ledger has discovered a chip vulnerability affecting 25% of Android smartphones that enables hackers to decrypt devices and steal sensitive data, including cryptocurrency wallet private keys. This security flaw poses significant risks to crypto holders who store their digital assets on affected Android devices.
Google discovered a new iOS exploit kit called Coruna that silently infiltrates iPhones through compromised websites to steal cryptocurrency from popular wallet apps including MetaMask, Phantom, and Trust Wallet. The attack requires no user interaction beyond visiting a malicious website on an unpatched iPhone device.
Google threat researchers discovered fake cryptocurrency websites hosting a new exploit kit capable of compromising iPhones to steal crypto assets. The sophisticated attack targets iOS devices specifically to hunt for and extract cryptocurrency holdings from victims.
Researchers have discovered a sophisticated iPhone exploit kit containing 23 iOS vulnerabilities being used for espionage and cryptocurrency scams. The hacking tool may have origins in US intelligence operations, raising concerns about state-sponsored cyber activities targeting crypto users.
Researchers discovered a critical security vulnerability in AI-powered GUI agents on Android, where malicious apps can hijack agent actions without requiring dangerous permissions. The 'Action Rebinding' attack exploits timing gaps between AI observation and action, achieving 100% success rates in tests across six popular Android GUI agents.
Researchers introduce the 'Turing Test on Screen,' a framework for measuring how well autonomous GUI agents can mimic human behavior to evade detection systems. The study reveals that current LLM-based agents exhibit unnatural interaction patterns and proposes humanization methods to improve their ability to operate undetected in adversarial digital environments.
