CVE-2025-57840 Privilege Bypass in ADB

ADBAndroid Debug Bridge is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

PT-2025-52871

Name of the Vulnerable Software and Affected Versions ADB Android Debug Bridge affected versions not specified Description ADB Android Debug Bridge is susceptible to a type privilege bypass issue. Successful exploitation of this issue could lead to service availability problems. Recommendations A...

LLM-Driven Feature-Level Adversarial Attacks on Android Malware Detectors

The rapid growth in both the scale and complexity of Android malware has driven the widespread adoption of machine learning ML techniques for scalable and accurate malware detection. Despite their effectiveness, these models remain vulnerable to adversarial attacks that introduce carefully crafte...

@acabai/android (>=1.0.0 <=2.0.6), @acabai/core (>=1.0.0 <=1.0.6) +930 more potentially affected by CVE-2025-68665 via @langchain/core (>=0.0.0 <=0.3.8)

@langchain/core NPM version =0.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =0.0.6, =1.0.5, =0.1.2, =0.0.1, =1.2.27, =0.1.7, =3.0.0-beta.65.0, =8.0.0, =10.0.0, =11.0.0 and more Source cves: CVE-2025-68665 Source advisory: OSV:GHSA-R399-636X-V7F6...

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs FCGs have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

Frogblight Malware Targets Android Users With Fake Court and Aid Apps

Kaspersky warns of 'Frogblight,' a new Android malware draining bank accounts in Turkiye. Learn how this 'court case' scam steals your data and how to stay safe...

⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They're going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs — turning small cracks into serious breaches. The real danger now isn't just one major attack, but...

A week in security (December 15 &#8211; December 21)

Last week on Malwarebytes Labs: CISA warns ASUS Live Update backdoor is still exploitable, seven years on The ghosts of WhatsApp: How GhostPairing hijacks accounts Chrome extension slurps up AI chats after users installed it for privacy Two Chrome flaws could be triggered by simply browsing the...

Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan. "Previously, users received 'pure' Trojan APKs that acted as malware immediately upon...

IoT-Based Android Malware Detection Using Graph Neural Network with Adversarial Defense

Since the Internet of Things IoT is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract relationships from applications as graphs to generate graph embeddings...

CVE-2025-14809

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2025-14809

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2025-14809

ArcSearch on Android versions prior to 1.12.6 is affected by an address-bar spoofing issue where the address bar could show a different domain than the displayed content after user interaction with crafted web content. The Root cause is described as navigation/URI confusion in the ArcSearch Andro...

CVE-2025-14809 Address bar spoofing risk in ArcSearch on Android

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

EUVD-2025-204586

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2025-14809 Address bar spoofing risk in ArcSearch on Android

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

Malicious Package

Overview androidteminatorx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-192620 Malicious code in android_teminator_x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33c3191c5716cf98ab9a5976d22602d3140a131b7f906d2c51d88f60950e1a7a The package androidteminatorx was found to contain malicious code. Source: ghsa-malware...

PT-2025-52488

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics formerly CJ Korea Express. "The threat actor leveraged QR codes...