Google fixing Android lock screen bug that lets Gemini send SMS without a PIN
A specific multi-touch gesture bypasses an authentication prompt, allowing anyone to send messages
SMS is used for login codes and alerts, but text messages can be intercepted, spoofed, or redirected through phone-account attacks.
Search across headline titles and summaries.
Background for this topic.
SMS (Short Message Service) is a standardized mobile-network service for sending short text messages between phone numbers. It is widely used for person-to-person communication, service notifications, and one-time authentication codes, but messages are generally not end-to-end encrypted and may be visible to mobile operators or infrastructure handling delivery.
Security concerns include smishing—phishing delivered by text—along with sender-ID spoofing, malicious links, and social engineering. Account recovery and SMS-based multi-factor authentication can also be undermined when an attacker takes control of a phone number through SIM swapping, abuses carrier processes, or exploits signaling-system weaknesses. Organizations should avoid treating SMS as a high-assurance authentication factor where stronger options are practical, restrict sensitive content in texts, monitor number-change and authentication events, and train users to verify unexpected messages through a trusted channel.
Weekly headline count for the current query.
A specific multi-touch gesture bypasses an authentication prompt, allowing anyone to send messages
Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew Hamas-linked attackers are dropping spyware disguised as an emergency-alert app on Israelis' smartphones via SMS messages, according to security researchers.…
Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.…
Regulators around the globe pay attention as results of 21-month cloud probe published Britain's competition regulator says Microsoft and AWS are using their dominance to harm UK cloud customers and proposes to designate both with strategic market status (SMS) to take action against them.…
Everyone knew texted OTPs were a dud back in 2016 Google has confirmed it will phase out the use of SMS text messages for multi-factor authentication in favor of more secure technologies.…
SMS OTPs are overused, so bring on the tokens and biometrics India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments.…
Thousands of dodgy SMSes bypassed network filters in UK-first case, it is claimed British police have arrested two individuals following an investigation into an SMS-based phishing campaign using some kind of homebrew hardware.…
Thousands of dodgy SMS messages bypassed network filters in UK-first case, it is claimed British police have arrested two individuals following an investigation into a suspected illegal homebrew phone mast used in SMS-based phishing campaigns.…
Bad guy also got SMS verification codes, and re-registered one of the numbers they searched for The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed.…
Android messaging heist isn't the action of a well company. Let us help Opinion One of the joys of academic research is that if you do it right, you can prove the truth. In the case of computer science professor Douglas Leith, this truth is that Google has been taking detailed notes of every telephone call and SMS message made and received on the default Android apps.…