A new botnet appeared over the weekend, and it's targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency.
A OnePlus spokesperson has officially confirmed a card breach incident affecting its online store, about which rumors started circulating online earlier in the week.
Google has removed 36 Android apps that snuck into the official Play Store, posing as security and performance boosting apps, but which only contained code to mimic the behavior of such apps.
Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts amounts of intel on the phone's owner, information that they can later use to guess the user's phone PIN.
Today, the Freedom of the Press Foundation and the Guardian Project have launched a new Android application named Haven that will transform a phone into a mini-surveillance kit that can be used to record nearby surroundings in case of intrusions.
Many Android users may still have a backdoor on their device, according to new revelations made today by the Malwarebytes' mobile security research team.
A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse.
Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio
A security researcher has found a second factory app that was included on OnePlus devices delivered to customers, and this one can be abused to dump the user's photos and videos, but also GPS, WiFi, Bluetooth, and various other logs.
Some OnePlus devices, if not all, come preinstalled with an application named EngineerMode that can be used to root the device and may be converted into a fully-fledged backdoor by clever attackers.
A bug in the new "Adaptive Icons" feature introduced in Android Oreo has sent thousands of phones into infinite boot loops, forcing some users to reset their devices to factory settings, causing users to lose data along the way.
Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object.
Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges.
A new ransomware targeting Android devices has been spotted in the wild. Codenamed DoubleLocker, the ransomware abuses Android's Accessibility service and reactivates itself every time the user presses the phone's Home button.
OxygenOS, a custom version of the Android operating system that comes installed on all OnePlus smartphones, is tracking users actions without anonymizing data, allowing OnePlus to connect each phone to its customer.
WhatsApp has the honor of being the most popular app on iOS enterprise devices, but also the most blacklisted app on enterprise networks.