CVE-2021-20873

Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may ...

Yappli has unspecified vulnerabilities

Yappli, an application development platform from Yappli Japan, has a security vulnerability in Yappli Android Apps that could be exploited by attackers to access malicious websites containing carefully constructed URLs, where the application could be directed to connect to certain unintended...

JVN#66422035: Android Apps developed using Yappli fails to restrict custom URL schemes properly

Yappli provided by Yappli, Inc. is an application development platform. Android Apps that are developed with Yappli provide the function to access a requested URL using Custom URL Scheme. The access to the function is not restricted properly CWE-939 which may be exploited to direct the App to...

Yappli 安全漏洞

Yappli, an application development platform from Yappli Japan, has a security vulnerability in Yappli Android Apps that could be exploited by attackers to access malicious websites containing carefully constructed URLs, where the application could be directed to connect to certain unintended...

Hackers Targeting Brazil's PIX Payment System to Drain Users' Bank Accounts

Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil's instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under cybercriminals' control...

What You Should Know About the Google Play Store Changes

With the first updates kicking in this month, Android apps should be more streamlined and lightweight. Google is also getting a greater level of control...

Updated Joker Malware Floods into Android Apps

The Joker mobile trojan is back on Google Play, with an uptick in malicious Android applications that hide the billing-fraud malware, researchers said. It’s also using new approaches to skirt past Google’s app-vetting process. Joker has been around since 2017, disguising itself within common,...

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices. "The impact of these bugs could have allowed an attacker t...

Bbscope - Scope Gathering Tool For HackerOne, Bugcrowd, And Intigriti!

The ultimate scope gathering tool for HackerOne, Bugcrowd, and Intigriti by sw33tLie. Need to grep all the large scope domains that you've got on your bug bounty platforms? This is the right tool for the job. What about getting a list of android apps that you are allowed to test? We've got you...

VPN Android apps: What you should know

Months ago, we told readers about the importance of using a VPN on their iPhones, and while those lessons do apply to Android devices—a VPN for Android will encrypt your Android’s web activity and app traffic, and it will stop your mobile carrier from monetizing your data—Android users should...

23 Android Apps Expose Over 100,000,000 Users' Personal Data

Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. "By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users'...

BRATA Malware Poses as Android Security Scanners on Google Play Store

A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. "These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in...

Adware Spreads via Fake TikTok App, Laptop Offers

Malicious Android apps disguised as TikTok and offers for free Lenovo laptops are being used in ad-stuffing attacks underway against devices on the Jio telecom network in India, security researchers warn. Researchers from Zscaler report this threat actor has been operating various phishing scams...

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This...

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This...

CVE-2021-27549

Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android application by default. NOTE: the vendor's position is that this is intended behavior that can be changed through the Settings Device screen...

Update service for Android gaming emulator abused to drop malware

By Saad Rajpoot The malware attack involves NoxPlayer; which is an emulator used for running Android apps on Windows and macOS. This is a post from HackRead.com Read the original post: Update service for Android gaming emulator abused to drop malware...

Warning — 5 New Trojanized Android Apps Spying On Users In Pakistan

Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Porta l, a Muslim prayer-clock ap...

Warning — 5 New Trojanized Android Apps Spying On Users In Pakistan

Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Portal, a Muslim prayer-clock app...

Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...