Google Android Security Bulletin patch for CVE-2025-48561
Security Patch Release
Summary
Hide ▲
Show ▼
Pixnapping is a side-channel attack on Android that lets a malicious app with no permissions extract pixels from apps or websites and reconstruct sensitive content such as Signal messages, Gmail emails, and 2FA codes from Google Authenticator. Google attempted to fix CVE-2025-48561 in the September 2025 Android update, but researchers bypassed that mitigation, and a more complete fix is expected in the December 2025 Android security update. The attack was demonstrated on Google Pixel 6/7/8/9 and Samsung Galaxy S25 devices running Android 13 through 16, and can steal 2FA codes in less than 30 seconds.
Related Happenings
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical Analysis
H score16
First: 03.06.2026 22:11
Last: 03.06.2026 22:11
Sources 1
About this happening:
Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical AnalysisAbout this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
Google rolls out Android fake call detection against AI impersonation scam calls
Security Tool/Service
H score20
First: 03.06.2026 12:02
Last: 03.06.2026 12:02
Sources 1
About this happening:
**Google** is rolling out **fake call detection** on **Android 12 and later** devices this month, giving users a built-in warning when a caller may be using **AI voice-cloning** o...
Google rolls out Android fake call detection against AI impersonation scam calls
Security Tool/ServiceAbout this happening: **Google** is rolling out **fake call detection** on **Android 12 and later** devices this month, giving users a built-in warning when a caller may be using **AI voice-cloning** o...
Google security patch release for CVE-2025-48595
Security Patch Release
H score45
First: 02.06.2026 14:10
Last: 02.06.2026 14:10
Sources 1
About this happening:
Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...
Google security patch release for CVE-2025-48595
Security Patch ReleaseAbout this happening: Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...
Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication
Technical Analysis
H score16
First: 21.05.2026 23:07
Last: 21.05.2026 23:07
Sources 1
About this happening:
Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...
Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication
Technical AnalysisAbout this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...
Android 17 expands platform security and privacy protections
Security Tool/Service
H score15
First: 12.05.2026 20:00
Last: 12.05.2026 20:00
Sources 1
About this happening:
**Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
Android 17 expands platform security and privacy protections
Security Tool/ServiceAbout this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
Timeline
-
14.10.2025 14:18 3 articles · 8mo ago
Google patches CVE-2025-48561 in Android Security Bulletin
Mitigation Patch UpdateGoogle added patches for CVE-2025-48561 (CVSS score: 5.5) in the September 2025 Android Security Bulletin to address Pixnapping on Android devices from Google and Samsung, a side-channel attack that can steal 2FA codes, Google Maps timelines, and other sensitive data from apps such as Google Authenticator; a workaround can re-enable Pixnapping, Google is working on a fix, and the app list bypass remains marked "won't fix."
Show sources
- New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions — thehackernews.com — 14.10.2025 14:18
- New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions — thehackernews.com — 14.10.2025 14:18
- New Android Pixnapping attack steals MFA codes pixel-by-pixel — www.bleepingcomputer.com — 14.10.2025 21:46