39 matches found
Pixel-stealing “Pixnapping” attack targets Android devices
Researchers at US universities have demonstrated how a malicious Android app can trick the system into leaking pixel data. That may sound harmless, but imagine if a malicious app on your Android device could glimpse tiny bits of information on your screen—even the parts you thought were secure,...
EUVD-2018-7987
Malware in sbrugna...
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
ESET warns of fake Signal and ToTok apps spreading Android spyware in the UAE, stealing contacts, messages, and chat backups from users...
EUVD-2025-17044
Malicious code in bioql PyPI...
EUVD-2025-14002
Malicious code in bioql PyPI...
EUVD-2025-14003
Malicious code in bioql PyPI...
EUVD-2022-32797
Malicious code in bioql PyPI...
CVE-2025-5715
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...
CVE-2025-5715
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...
CVE-2025-5715
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...
CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...
CVE-2025-5715
CVE-2025-5715 concerns Signal App 7.41.4 on Android with a vulnerability in the Biometric Authentication Handler causing a missing critical authentication step. The issue affects the authentication flow in the Biometric Authentication Handler component and can be exploited by attacking the physic...
CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...
PT-2025-24006 · Signal · Signal App
Name of the Vulnerable Software and Affected Versions: Signal App version 7.41.4 Description: A vulnerability was found in the Biometric Authentication Handler component, which affects the authentication process by missing a critical step. The attack can be launched on a physical device and has a...
Signal App 安全漏洞
Signal App is an end-to-end encrypted secure messaging platform from Signal USA. A security vulnerability exists in Signal App version 7.41.4, which stems from a missing critical authentication step in the component Biometric Authentication Handler...
CVE-2022-28345
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
VulnCheck KEV: CVE-2025-47730
The TeleMessage archiving backend through 2025-05-05 accepts API calls to request an authentication token from the TM SGNL aka Archive Signal app with the credentials of logfile for the user and enRR8UVVywXYbFkqUQDPRkO for the password...
SignalGate Isn’t About Signal
The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them...
CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages
The Computer Emergency Response Team of Ukraine CERT-UA is warning of a new campaign that targets the defense sectors with Dark Crystal RAT aka DCRat. The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual...
SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, whic...