A security researcher has found a second factory app that was included on OnePlus devices delivered to customers, and this one can be abused to dump the user's photos and videos, but also GPS, WiFi, Bluetooth, and various other logs.
Some OnePlus devices, if not all, come preinstalled with an application named EngineerMode that can be used to root the device and may be converted into a fully-fledged backdoor by clever attackers.
Security researchers have discovered that tens of developers have left API credentials in hundreds of applications built around the Twilio service.
Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic.
A new report released earlier this week estimates that Kotlin will surpass Java as the primary programming language used for Android apps by December 2018.
A new ransomware targeting Android devices has been spotted in the wild. Codenamed DoubleLocker, the ransomware abuses Android's Accessibility service and reactivates itself every time the user presses the phone's Home button.
Microsoft announced on Monday that it started rolling out Cortana integration in Skype, bringing its smart AI-based virtual assistant to the company's instant messaging client.
OxygenOS, a custom version of the Android operating system that comes installed on all OnePlus smartphones, is tracking users actions without anonymizing data, allowing OnePlus to connect each phone to its customer.
WhatsApp has the honor of being the most popular app on iOS enterprise devices, but also the most blacklisted app on enterprise networks.
A rogue iOS application can gain access to limited geo-location information by obtaining image permissions and extracting GPS coordinates from locally-stored photos.
GO Keyboard, an insanely popular custom keyboard app for the Android OS, also available on the official Google Play Store, was caught collecting user data and downloading and running code from a third-party server.
On Tuesday, police in Japan detained a 13-year-old boy from Osaka on charges of advertising and selling a mobile virus that blocked smartphone screens and prevented users from using their device.
At a recently concluded security conference, experts from an Israeli university have presented new research that describes a possible attack scenario which leverages replacement parts to carry out attacks on smartphones and other smart devices.
Broadcom Wi-Fi chips embedded in Android and iOS devices are vulnerable to a bug that allows an attacker to execute code on their devices, without any interaction needed from the user.
Security experts have discovered a brand new Android trojan that features a broad range of features that allow it to root Android devices, steal data from over 40 apps, and geo-track phone owners.
For the past year and a half, an Android adware family known as CopyCat has infected over 14 million devices, rooted around 8 million, and made over $1.5 million for its owners.
A team of researchers from French company P1 Security has detailed a long list of issues with the 4G VoLTE telephony, a protocol that has become quite popular all over the world in recent years and is currently in use in the US, Asia, and most European countries.
A malvertising campaign detected on a popular forum is forcibly downloading an Android app on users' devices, which later installs a second app with more intrusive features and which is almost impossible to remove without flashing the user's phone.