Nextcloud: Improper input validation On Exported deep-link handler crashes `FileDisplayActivity` on crafted external URL — Denial-of-Service

A vulnerability was discovered in the Nextcloud Android client application where improper input validation in the exported deep-link handler caused a null dereference in the FileDisplayActivity component. This resulted in an unhandled NullPointerException and application crash when the deep-link...

Baohuo Android Malware Hijacks Telegram Accounts via Fake Telegram X

New Android malware Baohuo hijacks Telegram X accounts, stealing data and controlling chats. Over 58,000 devices infected, mainly in India and Brazil...

PT-2025-43504

Name of the Vulnerable Software and Affected Versions Android Framework affected versions not specified Description A flaw in the Android Framework component allows a remote attacker to cause a persistent denial of service through resource exhaustion. The issue exists in the onHeaderDecoded...

PT-2025-43506

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description The issue resides in the hasAccountsOnAnyUser function within DevicePolicyManagerService.java. A logic error in the code allows for the addition of a Device Owner after provisioning. This can...

PT-2025-43462

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A security issue exists in the Android Framework that could allow a remote attacker to escalate privileges. The issue involves a permissions bypass that may allow launching activities from th...

Zero-click Dolby audio bug lets attackers run code on Android and Windows devices

Researchers from Google’s Project Zero discovered a medium-severity remote code execution RCE vulnerability that affects multiple platforms, including Android Samsung and Pixel devices and Windows. Remote code execution means an attacker could run programs on your device without your permission...

Evaluating Large Language Models in Detecting Secrets in Android Apps

Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse engineering. Once compromised, adversaries can exploit...

Exploit-Android

Exploit-Android اختراق هواتف الاندرويد عبر انشاء ملف MP4 ملغم ا...

Exploit for Deserialization of Untrusted Data in Google Android

Project Documentation Official QQ Group: 745307987 Although P...

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird Specifically for versions under 144. The vulnerabilities include several problems, including a use-after-free issue, memory security flaws and the ability for a malicious person to access sensitive data or execute arbitrary code. These...

ThreatIntel-Andro: Expert-Verified Benchmarking for Robust Android Malware Research

The rapidly evolving Android malware ecosystem demands high-quality, real-time datasets as a foundation for effective detection and defense. With the widespread adoption of mobile devices across industrial systems, they have become a critical yet often overlooked attack surface in industrial...

SUSE CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

SUSE CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

SUSE CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...

SUSE CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don't always break systems anymore — they use...

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...

CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...