mobile-security

Android's April Patch Targets a Security Layer Most Users Have Never Heard Of

John Z Black Apr 10, 2026

Vulnerabilities & Patching #android #strongbox #cve-2026-0049 #cve-2025-48651 #patch #hardware-security #mobile-security

April's Android security update fixes a critical zero-interaction DoS and a High-severity flaw in StrongBox, the hardware layer protecting your payment credentials, biometrics, and encrypted storage.

Two Active Campaigns Are Using WhatsApp as the Front Door

John Z Black Apr 2, 2026

Threat Intelligence #whatsapp #spyware #sio #windows-malware #uac-bypass #mobile-security #surveillance

A VBS-based Windows hijack and an Italian spyware operation are both running through WhatsApp right now. Your chat app is a threat vector.

A Full Android Rootkit Hid in Google Play for Months. 2.3 Million Downloads.

John Z Black Apr 2, 2026

Threat Intelligence #android #rootkit #google-play #mcafee #novoice #mobile-security #malware

McAfee found a full rootkit hiding in 50+ Google Play apps. It roots your phone, survives factory resets, and hijacks WhatsApp sessions. 2.3 million devices already got it.

Apple Is Literally Warning Millions of iPhone Users: You're Being Attacked Right Now

John Z Black Mar 28, 2026

Vulnerabilities & Patching #apple #ios #iphone #exploit #coruna #darksword #lockdown-mode #mobile-security #consumer

Apple pushed lock screen alerts to millions of iPhones warning of active attacks from the Coruna and DarkSword exploit kits -- and some users have no patch path at all.

The iPhone Exploit That Won't Die: Operation Triangulation's Code Is Back and More Dangerous

John Z Black Mar 27, 2026

Threat Intelligence #ios #iphone #exploit #mobile-security #triangulation #kaspersky #zero-click

Exploit code from the 2023 Operation Triangulation campaign lives inside Coruna, a new iOS attack framework hitting modern iPhones in mass attacks. Elite nation-state code is now being aimed at everyone.

The Week the Infrastructure Fought Back (and Lost)

John Z Black Mar 23, 2026

Weekly Recap #the-week-in-cyber #mobile-security #supply-chain #identity #iran #dprk #ransomware #ai-fraud #threat-intelligence

The week of March 16-22 hit management planes, identity infrastructure, and security tooling itself -- and North Korea kept hiring.

Update Everything: Chrome Zero-Days, Android's March Bulletin, and the Patch Gap That Puts You at Risk

John Z Black Mar 22, 2026

Vulnerabilities & Patching #chrome #android #zero-day #mediatek #patching #cve #mobile-security

Two Chrome zero-days under active attack, 129 Android vulnerabilities in March, and the stubborn reality that 'patch available' and 'you're protected' are two very different things.

iPhone Exploit Kits Go Mainstream: DarkSword, Coruna, and the End of 'iOS Is Enough'

John Z Black Mar 21, 2026

Vulnerabilities & Patching #ios #apple #darksword #coruna #mobile-security #exploit-kit #zero-day #nation-state

New research from Google, iVerify, and Lookout confirms iOS exploit kits have moved from rare targeted spyware to website-level deployment against broad populations. A companion toolkit was found targeting US government officials specifically.

Mobile Trust Is Fracturing: Android Fraudware and iOS Exploit Chains Converge

John Z Black Mar 20, 2026

Threat Intelligence #mobile-security #android-malware #ios-exploits #byod-risk #app-provenance #zero-day

Perseus on Android, DarkSword on iOS, and new iPhone exploitation reporting point to a shared reality: mobile trust assumptions are breaking across both ecosystems.

iPhone Exploit Chains Are Becoming a Market, Not a One-Off

John Z Black Mar 18, 2026

Threat Intelligence #ios #darksword #iphone #spyware #threat-intelligence #mobile-security #webkit

DarkSword iOS exploit capability is showing up across multiple actor sets -- state-linked groups, commercial spyware vendors, and infostealer campaigns. The old 'rare nation-state' framing doesn't hold anymore.

Your Old iPhone Is Under Active Attack. Update It Today.

John Z Black Mar 13, 2026

Consumer Security #apple #ios #webkit #coruna #patch #mobile-security #active-exploitation

Apple issued an emergency patch for older iPhones and iPads to fix actively exploited Coruna WebKit vulnerabilities. If you have an old device you haven't updated, this is when that delay becomes a real problem.