Microsoft Word for Android Spoofing Vulnerability

Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally...

Microsoft PowerPoint for Android Spoofing Vulnerability

Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally...

Microsoft 365 Copilot for Android Spoofing Vulnerability

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network TON for command-and-control C2. The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet...

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Apple on Monday officially released iOS 26.5 with support for end-to-end encryption E2EE to Rich Communication Services RCS in beta as part of a "cross-industry effort" to replace traditional SMS with a more secure alternative. To that end, E2EE RCS messaging is rolling out to iPhone users runnin...

PT-2026-40267

A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...

KLA91041 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft 365 Copilot for Android can be exploited remotely t...

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

Microsoft Edge for Android 安全漏洞

Microsoft Edge for Android is a browser in the Android operating system developed by the American company Microsoft. There are security vulnerabilities in Microsoft Edge for Android. Attackers use these vulnerabilities to carry out phishing attacks...

Fortinet FortiTokenAndroid 安全漏洞

Fortinet FortiTokenAndroid is a mobile security authentication application developed by Fortinet, Inc. It provides two-factor authentication and dynamic password generation features. There are security vulnerabilities in all versions of Fortinet FortiTokenAndroid, including 6.2, 6.1, and 5.2. The...

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

Microsoft Office 访问控制错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is an access control error vulnerability in Microsoft Office. Attackers utilize this...

CVE-2026-33362

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

CVE-2026-33362 Meari SDK hardcoded cryptographic keys

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

"Kura Sushi Official App" vulnerable to improper certificate validation

Overview "Kura Sushi Official App" provided by EPG, Inc. contains the following vulnerability. Improper certificate validation on push notifications CWE-295 - CVE-2026-41872 This analysis assumes a man-in-the-middle attack being conducted with a malicious wireless LAN access point Tsuyoshi Ogawa ...

KLA91027 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of...

PT-2026-40186

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A user interface UI misrepresentation of critical information allows an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is no...

PT-2026-39644

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...