169 matches found

Packet Storm News
added 2025/06/18 12:0 a.m., 3 views

Version-Level Third-Party Library Detection in Android Applications Via Class Structural Similarity

Android applications (apps) integrate reusable and well-tested third-party libraries (TPLs) to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for Android apps, where the use of insecure TPLs can compromise both...

AI score: 6.8
Exploits: 0
RedhatCVE
added 2025/05/23 4:57 a.m., 3 views

CVE-2023-6540

A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00528
Exploits: 0
RedhatCVE
added 2025/05/22 7:9 p.m., 6 views

CVE-2021-20873

Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may ...

CVSS: 8.1, AI score: 6.7, EPSS: 0.00842
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 8:18 a.m., 3 views

CVE-2019-1487

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library (MSAL) 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'...

CVSS: 6.5, AI score: 6.3, EPSS: 0.03999
Exploits: 0, References: 1
Packet Storm News
added 2025/05/12 12:0 a.m., 5 views

LM-Scout: Analyzing the Security of Language Model Integration in Android Apps

Developers are increasingly integrating Language Models (LMs) into their mobile apps to provide features such as chat-based assistants. To prevent LM misuse, they impose various restrictions, including limits on the number of queries, input length, and allowed topics. However, if the LM integration...

AI score: 7.3
Exploits: 0
GithubExploit
added 2025/04/26 4:46 p.m., 724 views

Exploit for Deserialization of Untrusted Data in Google Android

Exploration of CVE-2024-31317 CVE-2024-31317 provides unprivi...

CVSS: 7.8, AI score: 7, EPSS: 0.00779
Exploits: 12
Vulnrichment
added 2025/03/24 1:47 p.m., 6 views

CVE-2025-30609 WordPress AppExperts plugin <= 1.4.3 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts (appexperts) allows Retrieve Embedded Sensitive Data. This issue affects AppExperts: from n/a through <= 1.4.3...

CVSS: 5.3, AI score: 7.3, EPSS: 0.00341
Exploits: 0, References: 1
RedhatCVE
added 2025/03/04 6:16 p.m., 8 views

CVE-2025-1939

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could be used to trick a user into granting sensitive permissions by hiding what...

CVSS: 7.1, AI score: 6.1, EPSS: 0.00171
Exploits: 0, References: 5
NVD
added 2025/03/04 2:15 p.m., 5 views

CVE-2025-1939

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability was fixed in Firefox 136...

CVSS: 3.9, EPSS: 0.00171
Exploits: 0, References: 3
AlpineLinux
added 2025/03/04 2:15 p.m., 2 views

CVE-2025-1939

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox 136...

CVSS: 3.9, AI score: 6, EPSS: 0.00171
Exploits: 0, References: 3
Vulnrichment
added 2025/03/04 1:31 p.m., 6 views

CVE-2025-1939 Tapjacking in Android Custom Tabs using transition animations

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability was fixed in Firefox 136...

AI score: 7.2, EPSS: 0.00171
Exploits: 0, References: 2
Debian CVE
added 2025/03/04 1:31 p.m., 4 views

CVE-2025-1939

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability was fixed in Firefox 136...

CVSS: 3.9, AI score: 7.3, EPSS: 0.00171
Exploits: 0
CVE
added 2025/03/04 1:31 p.m., 80 views

CVE-2025-1939

CVE-2025-1939 is an Android/Firefox-related issue where the Custom Tabs transition animation could be leveraged to mislead users into granting sensitive permissions by obscuring what they click. The vulnerability explicitly affects Mozilla Firefox versions older than 136.0. Impact concerns includ...

CVSS: 3.9, AI score: 7.2, EPSS: 0.00171
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2025/03/04 1:31 p.m., 22 views

CVE-2025-1939 Tapjacking in Android Custom Tabs using transition animations

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability was fixed in Firefox 136...

EPSS: 0.00171
Exploits: 0, References: 2
Securelist
added 2025/02/05 8:0 a.m., 11 views

Take my money: OCR crypto stealers in Google Play and App Store

Update 07.02.2025: Google removed malicious apps from Google Play. Update 06.02.2025: Apple removed malicious apps from the App Store. In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. Some of these scanned users' image galleries in search of...

AI score: 5.9
Exploits: 0
The Hacker News
added 2025/01/31 10:45 a.m., 14 views

Google Bans 158,000 Malicious Android App Developer Accounts in 2024

Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from...

AI score: 6.8
Exploits: 0
Vulnrichment
added 2024/12/16 4:20 p.m., 13 views

CVE-2024-11358 Insecure Android File Provider Paths

Mattermost Android Mobile Apps versions =2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider...

CVSS: 5.7, AI score: 6.7, EPSS: 0.0012
Exploits: 0, References: 1
The Hacker News
added 2024/04/08 5:25 a.m., 34 views

Google Sues App Developers Over Fake Crypto Investment App Scam

Google has filed a lawsuit in the U.S. against two app developers for allegedly engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of...

AI score: 7.1
Exploits: 0
Kitploit
added 2024/03/31 11:30 a.m., 40 views

DroidLysis - Property Extractor For Android Apps

DroidLysis is a pre-analysis tool for Android apps: it performs repetitive and boring tasks we'd typically do at the beginning of any reverse engineering. It disassembles the Android sample, organizes output in directories, and searches for suspicious spots in the code to look at. The output help...

AI score: 7.5
Exploits: 0, References: 6
The Hacker News
added 2023/10/23 11:34 a.m., 63 views

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan

The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are als...

AI score: 7.2
Exploits: 0