Find notable cyber news and cases, enriched with sources, timelines, and signals.

Android Pixnapping side-channel flaw (CVE-2025-48561)

Vulnerability
First reported
Last updated
Happening score
H score 36
2 unique sources, 2 articles

Summary

Hide ▲

Pixnapping is a side-channel vulnerability in Android that lets a malicious app with no permissions steal pixels from apps and websites and reconstruct sensitive content. The attack has been shown against Google Pixel 6/7/8/9 and Samsung Galaxy S25 devices on Android 13 through 16, including Google Authenticator 2FA codes, Gmail emails, Signal messages, and Google Maps data, with 2FA codes recoverable in less than 30 seconds. Google tracks the issue as CVE-2025-48561 and tried to fix it in the September 2025 Android update, but researchers bypassed that mitigation; Google expects a more complete fix in the December 2025 Android security update.

Related Happenings

Bright Data iOS SDK teardown reveals unauthenticated scraping relay and VPN bypass

Technical Analysis
H score45 First: 06.06.2026 11:29 Last: 06.06.2026 11:29 Sources 1

About this happening: Researchers **reverse-engineered Bright Data's iOS SDK** and found it can turn consumer devices into **exit nodes** for web-scraping traffic. The teardown showed the job channel h...

Google Gemini on Android notification-injection bypass using Fake Context Alignment

Technical Analysis
H score16 First: 03.06.2026 22:11 Last: 03.06.2026 22:11 Sources 1

About this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...

Google rolls out Android fake call detection against AI impersonation scam calls

Security Tool/Service
H score20 First: 03.06.2026 12:02 Last: 03.06.2026 12:02 Sources 1

About this happening: **Google** is rolling out **fake call detection** on **Android 12 and later** devices this month, giving users a built-in warning when a caller may be using **AI voice-cloning** o...

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
H score16 First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Android 17 expands platform security and privacy protections

Security Tool/Service
H score15 First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Timeline

  1. 14.10.2025 14:18 3 articles · 8mo ago

    Pixnapping Android side-channel flaw disclosed

    Initial Disclosure

    Researchers disclosed Pixnapping, a side-channel attack against Android devices from Google and Samsung that can steal 2FA codes, Google Maps timelines, and other sensitive data from victim apps such as Google Authenticator without special app permissions. The technique uses Android intents, semi-transparent activities, Android's window blur API, and a GPU side-channel to force victim pixels into the rendering pipeline and measure blur timing, and Google tracks the issue as CVE-2025-48561 with a CVSS score of 5.5. Google issued patches in the September 2025 Android Security Bulletin, but a workaround can re-enable exploitation and the related app-list bypass remains marked "won't fix."

    Show sources