Discussion
Loading...

#Tag

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Stefano Marinelli boosted
R. P. Scott
@i47i@hachyderm.io  ·  activity timestamp 2 weeks ago

Hackers can steal 2FA codes and private messages from Android phones

> Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data in less than 30 seconds.

> The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet.

> The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work. Google released mitigations last month, but the researchers said a modified version of the attack works even when the update is installed.
https://arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/ #Android #Cybersecurity #InfoSec #2FA #Privacy #Pixnapping #GooglePixel #Samsung #MobileSecurity #DataBreach #ZeroDay #TechNews #Hacking

  • Copy link
  • Flag this post
  • Block
R. P. Scott
@i47i@hachyderm.io  ·  activity timestamp 2 weeks ago

Hackers can steal 2FA codes and private messages from Android phones

> Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data in less than 30 seconds.

> The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet.

> The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work. Google released mitigations last month, but the researchers said a modified version of the attack works even when the update is installed.
https://arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/ #Android #Cybersecurity #InfoSec #2FA #Privacy #Pixnapping #GooglePixel #Samsung #MobileSecurity #DataBreach #ZeroDay #TechNews #Hacking

  • Copy link
  • Flag this post
  • Block
Greg Lloyd
@Roundtrip@federate.social  ·  activity timestamp 3 months ago

“Microsoft has released patches to “fully protect” SharePoint 2019 and SharePoint Subscription Edition servers, and the company is actively working on a patch for SharePoint 2016.

#CISA …says that the scope and impact of the attacks are still being assessed, and that any servers that have been impacted by the exploit should be disconnected from the internet until an official resolution is available.”

#Sharepoint #zerodayhttps://mastodon.social/@verge/114890559136880575

  • Copy link
  • Flag this post
  • Block
Ariadne Conill 🐰:therian: boosted
CryptGoat
@cryptgoat@fedifreu.de  ·  activity timestamp 4 months ago
#Bluetooth was a mistake: Millions of Bluetooth headphones can potentially be turned in eavesdropping devices. Best-seller #Sony and #Bose #headphones are affected by at least some of the disclosed flaws among many others. The true dimension of these flaws is yet unknown as the the vulnerable component is very widely in use under different names.

https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html

Disclosure of the vulnerabilities: https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

No updates or official statements available yet. ☠️

#Security#Privacy#Audio#Airoha#ZeroDay

  • Copy link
  • Flag this post
  • Block
CryptGoat
@cryptgoat@fedifreu.de  ·  activity timestamp 4 months ago
#Bluetooth was a mistake: Millions of Bluetooth headphones can potentially be turned in eavesdropping devices. Best-seller #Sony and #Bose #headphones are affected by at least some of the disclosed flaws among many others. The true dimension of these flaws is yet unknown as the the vulnerable component is very widely in use under different names.

https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html

Disclosure of the vulnerabilities: https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

No updates or official statements available yet. ☠️

#Security#Privacy#Audio#Airoha#ZeroDay

  • Copy link
  • Flag this post
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.21 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login