There doesn't appear to be an end in sight for the cryptojacking scourge affecting all facets of the web right now.
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA.
A new botnet appeared over the weekend, and it's targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency.
Google says it removed over 700,000 bad or malicious apps from the Play Store in 2017, up 70% from 2016.
An Android app component meant to provide inter-user chatting capabilities has been opening websites and clicking on ads in phones' background.
A OnePlus spokesperson has officially confirmed a card breach incident affecting its online store, about which rumors started circulating online earlier in the week.
Google has removed 53 apps from the official Play Store because they were spreading a new breed of Android malware named GhostTeam that could steal Facebook credentials and push ads to infected phones.
Things are about to get a lot worse for Android users after the source code of a highly advanced Android banking trojan has been sold to different parties on a well-known hacking forum.
Security researchers from Kaspersky Lab have discovered a new and powerful strain of Android spyware that they believe was created by an Italian IT company which they suspect is active in the surveillance software market.
A cyber-security firm has discovered what they believe to be the first Android malware family written in the Kotlin programming language.
Google has removed 36 Android apps that snuck into the official Play Store, posing as security and performance boosting apps, but which only contained code to mimic the behavior of such apps.
Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts amounts of intel on the phone's owner, information that they can later use to guess the user's phone PIN.
Today, the Freedom of the Press Foundation and the Guardian Project have launched a new Android application named Haven that will transform a phone into a mini-surveillance kit that can be used to record nearby surroundings in case of intrusions.
Many Android users may still have a backdoor on their device, according to new revelations made today by the Malwarebytes' mobile security research team.
A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse.
The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones.
Google's December 2017 Android Security Bulletin contains a fix for a vulnerability that allows malicious actors to bypass app signatures and inject malicious code into Android apps.
A vulnerability codenamed ParseDroid affects development tools used by Android app developers and allows attackers to steal files and execute malicious code on vulnerable machines.
Google announced plans to crack down on Android applications that fail to warn users when they are collecting personal data. The OS maker is giving app developers 60 days to fix their issues and update apps with notifications of their full practices. In case app developers fail to comply, Google will take it upon itself to warn users