Bleeping Computer

AWS, Azure auth keys found in Android and iOS apps used by millions

Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user ...
Bleeping Computer

Hackers steal banking creds from iOS, Android users via PWA apps

Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from Android and iOS users. Progressive web apps (PWA) are cross-platform applications that ...
Ars Technica

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of ...
techtimes

iPhone, Mac Applications Have Been Exposed to Cyberattacks for 10 Years, Report Claims

A new cybersecurity report reports that applications for both iOS and macOS have been vulnerable to serious supply-chain cyberattacks. The study found that hackers could manipulate email verification ...
WeLiveSecurity

Be careful what you pwish for – Phishing in PWA applications

In this blogpost we discuss an uncommon type of phishing campaign targeting mobile users and analyze a case that we observed in the wild that targeted clients of a prominent Czech bank. This technique ...