Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround ...
Google has only partially mitigated the attack, which involves using a malicious Android app to secretly discern the two-factor codes generated by authenticator apps.
Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data ...
Pixnapping was performed on five devices running Android versions 13 to 16: the Google Pixel 6, Google Pixel 7, Google Pixel 8, Google Pixel 9, and Samsung Galaxy S25. However, it is possible that ...
Security researchers say Meta and Yandex used native Android apps to listen on localhost ports, allowing them to link web browsing data to user identities and bypass typical privacy protections.… ...
New research suggests that Meta and Yandex used a loophole in Android to link web browsing data to app identities. The method bypassed incognito mode, cookie clearing, and other privacy protections.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results