New 'Pixnapping' attack lets hackers steal Android chats, 2FA codes in seconds

Cybersecurity researchers have discovered a new type of attack that affects Android devices, and they say it lets hackers get ...
The Hacker News

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround ...

This new Android exploit can steal everything on your screen - even 2FA codes

Pixnapping was performed on five devices running Android versions 13 to 16: the Google Pixel 6, Google Pixel 7, Google Pixel 8, Google Pixel 9, and Samsung Galaxy S25. However, it is possible that ...
PCMag

'Pixnapping' Attack Can Steal Two-Factor Codes From Android Phones

Google has only partially mitigated the attack, which involves using a malicious Android app to secretly discern the two-factor codes generated by authenticator apps.

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing ...
Hosted on MSN

Meta pauses mobile port tracking tech on Android after researchers cry foul

Security researchers say Meta and Yandex used native Android apps to listen on localhost ports, allowing them to link web browsing data to user identities and bypass typical privacy protections.… ...
Android Authority

This Android loophole could have let your apps spy on your web browsing (Updated: Statement)

New research suggests that Meta and Yandex used a loophole in Android to link web browsing data to app identities. The method bypassed incognito mode, cookie clearing, and other privacy protections.