
Google Android Security Bulletin patch for CVE-2025-48561

Security Patch Release
Happening score: 9
2 unique sources, 2 articles

Summary


Pixnapping is a side-channel attack on Android that lets a malicious app with no permissions extract pixels from apps or websites and reconstruct sensitive content such as Signal messages, Gmail emails, and 2FA codes from Google Authenticator. Google attempted to fix CVE-2025-48561 in the September 2025 Android update, but researchers bypassed that mitigation, and a more complete fix is expected in the December 2025 Android security update. The attack was demonstrated on Google Pixel 6/7/8/9 and Samsung Galaxy S25 devices running Android 13 through 16, and can steal 2FA codes in less than 30 seconds.

Related Happenings

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Android 17 expands platform security and privacy protections

Security Tool/Service
First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

EngageLab SDK version 5.2.1 patch release

Security Patch Release
First: 09.04.2026 20:26 Last: 09.04.2026 20:26 Sources 1

About this happening: **EngageLab** released **version 5.2.1** to fix the **EngageLab SDK** flaw affecting Android apps that used vulnerable integrations. The update closed an **intent redirection** is...

SparkCat malware variant in App Store and Google Play apps steals wallet recovery phrases

Malware Activity
First: 03.04.2026 12:10 Last: 03.04.2026 12:10 Sources 1

About this happening: The **SparkCat** malware resurfaced in a new variant inside apps on the **Apple App Store** and **Google Play Store**, increasing the risk of mobile crypto wallet theft. The malwa...

NoVoice Android malware hidden in Google Play apps

Malware Activity
First: 01.04.2026 21:07 Last: 01.04.2026 21:07 Sources 1

About this happening: **NoVoice** Android malware was found hidden in **more than 50 Google Play apps**, exposing **at least 2.3 million downloads** to compromise. After installation, it used **old And...

Timeline

  1. 14.10.2025 14:18 3 articles · 7mo ago

    Google patches CVE-2025-48561 in Android Security Bulletin

    Mitigation Patch Update

    Google added patches for CVE-2025-48561 (CVSS score: 5.5) in the September 2025 Android Security Bulletin to address Pixnapping, a side-channel attack on Android devices from Google and Samsung that can steal 2FA codes, Google Maps timelines, and other sensitive data from apps such as Google Authenticator. A workaround can re-enable Pixnapping, and Google is working on a fix; the app list bypass remains marked "won't fix."
