Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google Android Security Bulletin patch for CVE-2025-48561

Security Patch Release
First reported
Last updated
Happening score
H score 18
2 unique sources, 2 articles

Summary

Hide ▲

Pixnapping is a side-channel attack on Android that lets a malicious app with no permissions extract pixels from apps or websites and reconstruct sensitive content such as Signal messages, Gmail emails, and 2FA codes from Google Authenticator. Google attempted to fix CVE-2025-48561 in the September 2025 Android update, but researchers bypassed that mitigation, and a more complete fix is expected in the December 2025 Android security update. The attack was demonstrated on Google Pixel 6/7/8/9 and Samsung Galaxy S25 devices running Android 13 through 16, and can steal 2FA codes in less than 30 seconds.

Related Happenings

Google Gemini on Android notification-injection bypass using Fake Context Alignment

Technical Analysis
H score16 First: 03.06.2026 22:11 Last: 03.06.2026 22:11 Sources 1

About this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...

Google rolls out Android fake call detection against AI impersonation scam calls

Security Tool/Service
H score20 First: 03.06.2026 12:02 Last: 03.06.2026 12:02 Sources 1

About this happening: **Google** is rolling out **fake call detection** on **Android 12 and later** devices this month, giving users a built-in warning when a caller may be using **AI voice-cloning** o...

Google security patch release for CVE-2025-48595

Security Patch Release
H score45 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

About this happening: Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
H score16 First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Android 17 expands platform security and privacy protections

Security Tool/Service
H score15 First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Timeline

  1. 14.10.2025 14:18 3 articles · 8mo ago

    Google patches CVE-2025-48561 in Android Security Bulletin

    Mitigation Patch Update

    Google added patches for CVE-2025-48561 (CVSS score: 5.5) in the September 2025 Android Security Bulletin to address Pixnapping on Android devices from Google and Samsung, a side-channel attack that can steal 2FA codes, Google Maps timelines, and other sensitive data from apps such as Google Authenticator; a workaround can re-enable Pixnapping, Google is working on a fix, and the app list bypass remains marked "won't fix."

    Show sources