Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Search across headline titles and summaries.
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET
A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. [...]
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw added to the catalog, tracked […]
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in […]
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI