All CosmicBytez Labs articles tagged #Android, across news, security advisories, how-to guides, and projects.
A new RedHook variant abuses Android's Wireless Debugging feature to gain shell-level privileges without a USB connection — a novel technique that bypasses traditional physical access requirements.
A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service, letting even low-skill criminals take...
A use-after-free bug in the Linux kernel's epoll subsystem — CVE-2026-46242 — lets any local user escalate to root on Linux 6.4+ with ~99% reliability. A...
Google's Threat Intelligence Group and the FBI have dismantled NetNut, a residential proxy network built on 2 million compromised Android smart TVs and...
Researchers have uncovered a novel malware artifact generated using DeepSeek that weaponizes the Chromium File System Access API to encrypt files entirely...
The Court of Justice of the European Union has dismissed Google's final appeal against a €4.1 billion antitrust fine, confirming that the company...
A high-severity use-after-free vulnerability lurking in Samsung's KNOX security framework for eight years left Galaxy devices from the S9 through S25...
This week's threat roundup covers the Usbliter8 iPhone boot exploit, NarwhalRAT spread via fake Microsoft alerts, The Gentlemen ransomware's GentleKiller...
This week's security roundup covers Apple's patch for a Beats headphones eavesdropping vulnerability, the DOT closing its investigation into Delta's...
Security researchers have traced the sprawling Popa Android botnet — which enslaved millions of consumer TV boxes for ad fraud and data scraping — to a...
A high-severity vulnerability in Samsung's Galaxy Editing Service allows local attackers to execute privileged operations due to improper export of Android…
A critical CVSS 9.8 command injection vulnerability in the FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), enabling…
An AI-generated ransomware toolkit automates EDR evasion; Windows Netlogon RCE is actively exploited on domain controllers; the Miasma campaign hits Red Hat…
Google's June 2026 Android security bulletin addresses 124 vulnerabilities including CVE-2025-48595, an actively exploited zero-day used in limited targeted…
A single development-mode setting left in production code bypassed Android protections designed to prevent unauthorized apps from accessing Microsoft account…
Google's June 2026 Android security update patches 124 vulnerabilities including one zero-day flaw that has been actively exploited in targeted attacks…
Researchers at HUMAN Security uncovered Trapdoor, a sophisticated Android ad fraud and malvertising operation that used 455 malicious apps and 183...
Other noteworthy stories this week: Big Tech firms push back against Canada's encryption legislation, Cisco releases a free AI security specification, and...
Cybersecurity researchers discovered 28 fraudulent Android apps on Google Play claiming to offer call history lookups, which instead enrolled users in...
This week's cybersecurity recap covers the Vercel supply chain breach via a compromised AI tool, push fraud campaigns, attackers abusing QEMU virtual...
Google removed over 8.3 billion policy-violating ads and suspended 24.9 million accounts in 2025, while simultaneously rolling out sweeping Android 17...
A now-patched security vulnerability in the widely used EngageLab Android SDK allowed apps on the same device to bypass the Android security sandbox and...
This week's security stories you may have missed: a ChatGPT conversation data leak, a new Android rootkit on Google Play, a municipal water facility taken...
A new Android malware named NoVoice was discovered hiding in over 50 apps on the Google Play Store, with a combined download count of at least 2.3...
Google is testing a new Android Advanced Protection Mode enforcement in Android 17 Beta 2 that automatically strips non-accessibility apps of their...
Google's March 2026 Android security bulletin addresses 129 vulnerabilities, including CVE-2026-21385 — an actively exploited zero-day in a Qualcomm...
ESET researchers discover PromptSpy, the first known Android malware family that abuses Google's Gemini AI at runtime to dynamically navigate device UIs...
A new mobile spyware platform called ZeroDayRAT supports Android 5-16 and iOS up to version 26, providing real-time camera streaming, keylogging, 2FA...
Samsung's February 2026 update roadmap removes Galaxy S21 lineup from support, while S22 series moves to quarterly updates.