Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application SEA feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source...

CVE-2025-21063

Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen...

CVE-2025-21063

Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen...

CVE-2025-21058

Improper access control in Routines prior to version 4.8.7.1 in Android 15 and 4.9.6.0 in Android 16 allows local attackers to potentially execute arbitrary code with SystemUI privilege...

CVE-2025-21063

Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen...

EUVD-2025-33670

Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen...

CVE-2025-21058

Improper access control in Routines prior to version 4.8.7.1 in Android 15 and 4.9.6.0 in Android 16 allows local attackers to potentially execute arbitrary code with SystemUI privilege...

CVE-2025-21058

CVE-2025-21058 affects SAMSUNG Mobile Routines, with improper access control in Routines versions prior to 4.8.7.1 (Android 15) and 4.9.6.0 (Android 16). This allows local attackers to potentially execute arbitrary code with SystemUI privileges . The issue is confirmed across multiple sources (RH...

CVE-2025-21058

Improper access control in Routines prior to version 4.8.7.1 in Android 15 and 4.9.6.0 in Android 16 allows local attackers to potentially execute arbitrary code with SystemUI privilege...

EUVD-2025-33675

Improper access control in Routines prior to version 4.8.7.1 in Android 15 and 4.9.6.0 in Android 16 allows local attackers to potentially execute arbitrary code with SystemUI privilege...

Exploit for Injection in Google Android

EXPLOITER: Automated Exploit for CVE-2024-0044 EXPLOITER...

PT-2025-41518

Name of the Vulnerable Software and Affected Versions Routines versions prior to 4.8.7.1 Routines versions prior to 4.9.6.0 Description An improper access control issue exists in Routines. This allows local attackers to potentially execute arbitrary code with SystemUI privilege. Recommendations...

PT-2025-41523

Name of the Vulnerable Software and Affected Versions Samsung Voice Recorder versions prior to 21.5.73.12 in Android 15 and prior to 21.5.81.40 in Android 16 Description An improper access control issue exists in Samsung Voice Recorder. A physical attacker can access recording files on the lock...

Fake VPN and streaming app drops malware that drains your bank account

Security researchers are warning Android users to delete a fake VPN and streaming app that can let criminals take over their phones and drain their bank accounts. The app, Mobdro Pro IP TV + VPN, was discovered by researchers at Cleafy to be a malicious sideloaded app, not a legitimate VPN. Their...

Fake TikTok and WhatsApp Apps Infect Android Devices with ClayRat Spyware

Zimperium's zLabs warns of ClayRat, a fast-spreading Android spyware targeting Russia. It hides in fake apps like TikTok and steals texts, calls records, and camera photos...

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. "Once active, the spyware can exfiltra...

Exploit for Confused Deputy in Google Android

Fix for this issue has appeared as CVE-2025-22441: bulletinht...

Exploit for CVE-2024-49746

Fix for this issue appeared as CVE-2024-49746: bulletinhttps:...

Exploit for XML Injection (aka Blind XPath Injection) in Google Android

!Screenshot of Android application with title AbxDroppedApk and...

USN-7789-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...