Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

The threat actor known as Arid Viper aka APT-C-23, Desert Falcon, or TAG-63 has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of featur...

Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores

By Habiba Rashid Key Findings Cybersecurity researchers have warned of fake Signal and Telegram apps that have been distributed through the… This is a post from HackRead.com Read the original post: Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores...

CVE-2023-31823

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function...

CVE-2023-31823

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function...

CVE-2023-31823

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function...

CVE-2023-31823

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function...

CVE-2023-31823

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function...

CVE-2023-31823

CVE-2023-31823 affects Marui Official app v13.6.1. The issue allows a remote attacker to access sensitive information via the channel access token used by the miniapp Store function (Marui Official Store). Impact is information disclosure; no exploitation details are provided beyond this descript...

OSRipper - AV Evading OSX Backdoor And Crypter Framework

OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on windows but for now there is no support for it and it IS NOT FUD for windows yet at least and for now i will not focus on windows. You can also PM me on discord for support or...

Fake Trezor app steals more than $1 million worth of crypto coins

Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have been duped by a fake app with the same name. The app was available on Google Play and Apple’s App Store and also claimed to be from SatoshiLabs, the creators of Trezor. According to the Washington Post, th...

Amazon Prime Day—8 tips for safer shopping

Avid Amazon Prime Day shoppers may have been worried theyd missed it this year—thanks coronavirus. Fear not, last month Amazon announced Prime Day will take place three months after its original annual date, beginning today. And this year, itll take place over two days, rather than one. This coul...

New Android Malware Steals Banking Passwords, Private Data and Keystrokes

A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Called "EventBot" by Cybereason researchers, the malware is...

CVE-2019-5955

CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks...

CVE-2019-5955

The CVE-2019-5955 issue concerns the CREATE SD official App for Android (version 1.0.2 and earlier). The root cause is an improper access control vulnerability (CWE-284) in how the app handles Intents, enabling a remote attacker to craft an interaction that directs a user to an arbitrary URL. Thi...

RNC 2016: Official App - Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application RNC 2016: Official App published at the 'play' market has multiple vulnerabilities...

Enzkreis - die offizielle App - External URLs, MIT license, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Enzkreis - die offizielle App published at the 'play' market has multiple vulnerabilities...

iObertauern - the official app - Customized SSL, External URLs, KeyStore usage vulnerabilities

HackApp vulnerability scanner discovered that application iObertauern - the official app published at the 'play' market has multiple vulnerabilities...

Stadt Köln - offizielle App - External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Stadt Köln - offizielle App published at the 'play' market has multiple vulnerabilities...

ATM Milano Official App - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application ATM Milano Official App published at the 'play' market has multiple vulnerabilities...

WRC – The Official App - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application WRC – The Official App published at the 'play' market has multiple vulnerabilities...