WhatsApp has the honor of being the most popular app on iOS enterprise devices, but also the most blacklisted app on enterprise networks.
A Google security researcher has published proof-of-concept code for a vulnerability that can be exploited remotely via a WiFi connection to take over iPhone 7 handsets.
Security researchers from Trend Micro published a report detailing a new malware family named ZNIU that uses Dirty COW to root devices and plant a backdoor.
GO Keyboard, an insanely popular custom keyboard app for the Android OS, also available on the official Google Play Store, was caught collecting user data and downloading and running code from a third-party server.
Google removed — and then reinstated — one of the most popular mobile antivirus apps on the Play Store after security firm Check Point discovered that the app was secretly collecting device data from users' smartphones.
Google will automatically delete all of a user's Android backup files — stored in his Google Drive account — if the user does not use his phone for two weeks.
Malware authors hid malicious code inside a software development kit (SDK) that developers embedded in their Android apps, unwittingly exposing their users to a mobile malware strain that Check Point identifies as ExpensiveWall.
A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that could make identifying Android malware much harder in the upcoming future.
A bug discovered in the recently launched Android 8.0 Oreo spends users' mobile data allowance, even when the phone's mobile WiFi connection is enabled.
Mobile security experts from Palo Alto Networks have detailed a new attack on Android devices that uses "Toast" notifications to help malware in obtaining admin rights or access to Android's Accessibility service — often used to take over users' smartphones.
An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system.
Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks.
After years of silence, WAP-billing trojans are making a comeback, with four new strains becoming active in the second quarter of 2017, targeting Russia and India primarily.
Chinese malware developers have created a specialized Android application that allows anyone to generate a fully-working Android ransomware just by filling in a form and pushing a few buttons.
Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store.
Will Strafach, an independent security researcher, has discovered over the weekend that the AccuWeather iOS app sends location information to a data monetization firm named Reveal Mobile.
An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.
It was to be expected that Android banking trojan operators would eventually set their sights on ride-hailing applications, considering that these apps work with a user's financial data on a daily basis.