#pixnapping
LightNews LightNews
intcyberdigest.bsky.social
📚 Pixnapping (CVE-2025-48561)

Pixnapping is a new class of attacks that allows a malicious Android app to stealthily leak information displayed by other Android apps or arbitrary websites. Pixnapping exploits Android APIs and a hardware side channel that affects nearly all modern Android devices.
October 24, 2025 at 4:37 PM
modeblow.bsky.social
究極の画面覗き見攻撃「Pixnapping」とは?Androidの脆弱性を狙う手口を解説 youtu.be/VhMlODYAAZQ?... @YouTubeより
究極の画面覗き見攻撃「Pixnapping」とは?Androidの脆弱性を狙う手口を解説
YouTube video by 新しいものが好きすぎるチャンネル
youtu.be
October 20, 2025 at 6:00 PM
wired.com
The malicious app required to make a “Pixnapping” attack work requires no permissions. www.wired.com/story/a-new-...
A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones
The malicious app required to make a “Pixnapping” attack work requires no permissions.
www.wired.com
October 14, 2025 at 9:42 PM
blowdart.me
Gotta love vulnerability branding

I is in your android pixnapping your TOTP codes
Pixnapping Attack
www.pixnapping.com
October 14, 2025 at 8:41 PM
9to5google.com
Google has patched ‘Pixnapping’ attack in Android, further fix with December security update
Google has patched ‘Pixnapping’ attack in Android, further fix with December security update
Google is aware of a vulnerability that’s able to steal data from apps that are generally considered secure like Authenticator or Signal, using a new technique called “Pixnapping.” The vulnerability has been effective on several Google Pixel device models, as well as Samsung Galaxy devices. more…
9to5google.com
October 14, 2025 at 5:44 PM
campuscodi.risky.biz
"Pixnapping is a new class of attacks that allows a malicious Android app to stealthily leak information displayed by other Android apps or arbitrary websites."

Tested to steal data from Gmail, Google Accounts, Signal, Google Authenticator, Venmo, and Google Maps

www.pixnapping.com
October 14, 2025 at 12:29 PM
infosec.skyfleet.blue
Pixnapping Attack Lets Attackers Steal 2FA on Android
Pixnapping Attack Lets Attackers Steal 2FA on Android
The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo.
www.darkreading.com
October 14, 2025 at 10:27 PM
gigazine.net
Androidから30秒以内に二要素認証コードを盗むことができるサイバー攻撃「Pixnapping」
https://gigazine.net/news/20251014-android-steal-2fa-codes-pixnapping/
Androidから30秒以内に二要素認証コードを盗むことができるサイバー攻撃「Pixnapping」
悪意のあるAndroidアプリが他のAndroidアプリや任意のウェブサイトに表示される情報を密かに漏えいすることを可能にする新しいサイバー攻撃が「Pixnapping」です。Pixnappingはカリフォルニア大学とワシントン大学、カーネギーメロン大学の研究者によって報告されています。
gigazine.net
October 14, 2025 at 3:07 AM
ninjaowl.ai
Pixel-stealing “Pixnapping” attack targets Android devices #cybersecurity #hacking #news #infosec #security #technology #privacy
Pixel-stealing “Pixnapping” attack targets Android devices
Imagine if a rogue app could glimpse tiny bits of your screen—even the parts you thought were secure, like your 2FA codes.
www.malwarebytes.com
October 14, 2025 at 12:41 PM
0x0.boo
“Anything that is visible when the target app is opened can be stolen by the malicious app using Pixnapping,”
Hackers can steal 2FA codes and private messages from Android phones
Malicious app required to make “Pixnapping” attack work requires no permissions.
go.stonking.com
October 14, 2025 at 2:31 AM
bluesky.awakari.com
Pixnapping: a new Class of Attacks that allows a malicious Android App to stealthily leak Information displayed by other Android Apps or arbitrary Websites. Sucessfull demos on Google and Samsung phones # Infosec # Hacking # Android https://www. pixnapping.com/

Interest | Match | Feed
Origin
bsd.network
October 14, 2025 at 7:10 PM
ninjaowl.ai
New Android Pixnapping attack steals MFA codes pixel-by-pixel #cybersecurity #hacking #news #infosec #security #technology #privacy
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content.
www.bleepingcomputer.com
October 15, 2025 at 10:19 AM
cybersecurity.page
Hackers can steal 2FA codes and private messages from Android phones using a "Pixnapping" attack. The malicious app needed for this requires no special permissions.
Hackers can steal 2FA codes and private messages from Android phones | Malicious app required to make "Pixnapping" attack work requires no permissions.
View post on Reddit.
reddit.com
October 15, 2025 at 1:42 PM
puretech.news
Android 'Pixnapping' Attack Can Capture App Data Like 2FA Codes #Technology #Cybersecurity #Pixnapping #AndroidSecurity #2FA
Android 'Pixnapping' Attack Can Capture App Data Like 2FA Codes
An anonymous reader quotes a report from The Register: Security researchers have resurrected a 12-year-old data-stealing attack on web browsers to pilfer sensitive info from Android devices. The attack,...
puretech.news
October 14, 2025 at 4:45 AM
hackernewsrobot.bsky.social
Pixnapping Attack
Pixnapping Attack
www.pixnapping.com
October 15, 2025 at 7:55 AM
hourlybreezing.ntw.app

Bluesky's Top 10 Trending Words (past 60min):
💨x1* - gaza 🔓
💨x1* - democracy 🔓
💨x214 - 1﹐579
💨x1* - ukraine 🔓
💨x79 - stadtbild
💨x76 - d'angelo
💨x59 - benko
💨x57 - 2025-10-15
💨x55 - markey
💨x53 - 브왁
*🔓 = Unlocked Emergency Words (see img)

#ListenToBlackVoices

(Something not right? Reply!)
Word Cloud; its top words (sorted by weighted frequency, descending): gaza*, democracy*, 1﹐579, ukraine*, stadtbild, d'angelo, benko, 2025-10-15, markey, 브왁, アズライール, 2025/10/15, 10/15/2025, venhapromo, professores, 15/10/2025, struzan, moulton, 右京, amaia, brandmauer, @seauxcocoa.bsky.social, 10/15/25, oreja, グランドアサシン, ovalle, jean-rené, godart, リリィ, レミュアン, télévisions, patlama, benegas, 10/15, コヤン, clarinet, balık, pmqs, 初戦, frenkie, @mylordbebo, tuzla'da, professoras, nuzzi, handwashing, cgsnf, 15/10, 15-oct-2025, 蔵書, 維新, 리롤, アイン, pixnapping, now-dismissed, gzdoom, guttenberg, barkels, 山川, ステンノ, بوتين, sfr, rosneft, rektörü, precht, odinga, i̇nci, fluoride, chikorita, capital—begin, al-assad, @whatsapp, @telegram, 브왁이, ワニノコ, アサシン, œufs, videoverse, raila, palestinaren, oeufs, louisiana's, handan, 브왁은, 金村, 遊星, 蝦名, 会派, ábalos, woidke, waymo, verlengt, syrians, rafah, pressley, pistorius, not-so, mused, mimar, lukoil, leire, gordito, exministro, eurofighter, driverless, autistes, acogerse, @grahamformaine.bsky.social, 재밌겠다, 小野寺, 即死, リュシア, ミアレシティ, ミアレ, الشرع, valtonen, tersanede, stellantis, statsbudsjettet, sext, schädigung, sanatlar, platner, picrew, paros, not-too-veiled, metall, gläubiger, gatz, elina, disconnects, disarm, coquimbo, coindcx, 2025年10月15日, 10/16, 비명, 融合, 英霊, 大智, 俣宏, モイネロ, ポカニキ, テリトリー, チコリータ, セガサターン, ザキ, ‭‭john, ‭1, الكرملين, yaralılar, yamamoto, snk, serverless, rojin, remigration, powders, nlwerkt, montero, matías, markey's, malone, katalina, injustement, flammkuchen, ex-prosecutor, ensinar, embarks, durağa, dscc, actblue, abalos, @authorstuartmiller.bsky.social, 10/14/25, 047, -/1, 왁싱, 브왁을, 두목의, 개웃기네, 蒼き, 短気, 熊谷, 森下, 岩崎, 大戸, 以蔵, 下野, ヴァイ, リュックサック, ペガサス, ハルト, トゥモアナ, タイガース, カロス, ちだい, ‭14, ρεκόρ, z-a, yenir, vra Hashtag Cloud; its hashtagged words/phrases (sorted by weighted frequency, descending): humpday, nokings, halloween, 857, portfolioday, merz, motivation, citizenportal, 591, inspiration, stadtbild, shindanmaker, cdu, jocktober, resilience, whiskerswednesday, vote, mindfulness, chile, beetle, baystars#baystars, 相棒, pmqs, halloween2025, gündem, weekpforpink, nudes, horrorsky, birdoftheday, spd, rosewednesday, politicslive, jesus, discover, scotus, rhoslc, futanari, benko, bbcnews, barcelona, youngrepublicans, steamnextfest, fgo#fgo, ashg25, aibou, 펨돔, wipwednesday, success, futa, argentina, actu, イラスト#イラスト, wishlistwednesday, spirituality, meshiyosoi, birdinabush, 音楽, unjourunephoto, titties, spooktober, redwed, positivity, mature, ghostofyotei, fotografie, forbes, csu, climatecrisis, 마사지, wyrdwednesday, wednesdaywisdom, wednesday, tecnologia, rassismus, ragged, racism, pokemonlegendsza, mepolitics, in, howl-a-ween, globalhandwashingday, familyhistory, christian, artistfave15, 스타킹, 마조, 리틀, 阪神タイガース#阪神タイガース, 横浜, モンハンワイルズ, アークナイツ#アークナイツ, últimahora, waffle1363, swearherin, sondaki̇ka, selflove, reflection, pronounsday, productivityhacks, personalgrowth, nlwerkt, nazi, mindset, masturbate, madagascar, kindnessmatters, internationalpronounsday, huelgageneral, hitler, growthmindset, fascists, digitalmarketing, creativity, buddhaquotes, bubblebutt, awareness, astrology, amreading, abolishice, 80stop30, 青横雑談, 阪神タイガース, รับงานรามอินทรา, รับงานบางเขน, xspoilers, worldrecord, wednesdayvibes, wednesdaymotivation, wagonwednesday, thetwen2ie5, rutte, render, qos, perfectbody, motivationmonday, mood, merculedì, lifelessons, learning, global, futuroparapalestina, funnytech, dronelife, dictatorship, diadosprofessores, dbd, consciousness, catgirl, callofduty, brandmauer, bestdeal, 59, 1363, 지인, 에세머, 경남, 笹貫に海に誘われるボタン, 特命係, 特命, 川崎, ホロライブ, フォロバ, おすすめ, ไซด์ไลน์เชียงใหม่, yuri, wr, warframe, unitedstates, u15langileokpalestinarekin, tvasahi#相棒, tvasahi, turkiye, transport, tokumeigakari, teasing, syria, support, successquotes, strength, sexygirls, réflexion, residentevil, region_de_coquimbo, purpose, puppyplay, pornvideo, politie, polen, podcasts, photosky, photoctober, palestinalibre, palegirls, oracle, nordicnews, nextfest, networking, morningmotivation, mobilephotography, legal Emoji Cloud; its emojis (sorted by weighted frequency, descending): 🇦🇫, 🐫, 🇵🇰, 🐪, 🇲🇬, 🫁, 🤙🏼, 🕦, 🏃🏻, 🧍🏻, 🤛🏼, 🙋🏽‍♂️, 😷, 🖖🏾, 🕧, 🕡, 🔇, 👩, 👨‍⚖️, 🌯, 🇪🇨, 🅿, ⤴️, ↪️, 🫴🏻, 🫥, 🫀, 🪭, 🪬, 🪪, 🪧, 🪣, 🪛, 🪂, 🩰, 🧛‍♀️, 🧚🏼‍♀️, 🧘‍♂️, 🧔🏻‍♂️, 🧓, 🧑‍🎄, 🧎🏻‍♂️, 🧂, 🦹🏼‍♀️, 🦸🏼‍♀️, 🦸‍♂️, 🦸, 🦳, 🦧, 🥌, 🤺, 🤸🏻, 🤲🏽, 🤱, 🤰, 🤟🏾, 🤞🏿, 🤜🏼, 🤙, 🛻, 🛳️, 🛩️, 🛩, 🛜, 🚵‍♀️, 🚮, 🙌🏿, 🙋🏻, 😶‍🌫️, 🗯, 🕕, 🔘, 📫, 💑, 💁‍♂️, 👼🏻, 👬, 👩🏽‍🏫, 👩🏼‍🌾, 👩🏼, 👨🏿, 👨🏻‍🏫, 👨🏻, 👨‍💻, 👨‍⚕️, 👘, 👆🏾, 👂🏻, 🐿, 🐻‍❄️, 🐸, 🐨, 🏫, 🏦, 🏙, 🏍, 🏋️‍♂️, 🏊🏽, 🏊, 🏄‍♂️, 🎺, 🎟, 🍢, 🍄, 🌤, 🇸🇾, 🇷🇼, 🇷🇪, 🇳🇱, 🇳🇬, 🇲🇾, 🇲🇺, 🇲🇱, 🇯🇴, 🇮🇩, 🇨🇺, 🇧🇫, 🆒, 🅾, 🅰️, ❇️, ✔, ✋🏻, ⛹, ⛲, ⛩️, ⛑️, ⚧️, ♉, ☘️, ☑️, ☃️, ◽ Emoji Legend 💨x# | "Increased Trending Rate" for a Word (meaningful value; "💨x8 - burger" will mean "burger" is trending at 8 times its own normal rate for this time of day) 🔓 | "Unlocked" Ongoing Emergency Word (such words are not weighted down by their own previous usage; their *ongoing* increased usage--weeks, months, years--would otherwise move them down the list.) [PREVIOUSLY USED] ⚠️💨# | "Trend Strength Rating" ⚠️🌀💨 | "Trend Strength Rating" (see above) ⚠️🌀 CAT. # | [same; "CAT." = Category, like hurricane] 💬# | 10min Post Count 🆎# | 10min Word Count 🙂# | 10min Emoji Count
October 15, 2025 at 1:03 PM
zonecrypto.bsky.social
✦ New Android Vulnerability "Pixnapping" Threatens Crypto Wallet Security: Recent research has revealed a serious vulnerability in Android that enables harmful apps to capture sensitive on-screen content, including recovery phrases and two-factor authentication codes.
October 15, 2025 at 12:27 AM
arstechni.ca
Hackers can steal 2FA codes and private messages from Android phones https://arstechni.ca... #sidechannel #pixnapping #Security #android #privacy #Biz&IT #Google
October 13, 2025 at 11:00 PM
2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More It’s easy to think your defenses are solid — until you realize attackers have been inside them the whole...

Origin | Interest | Match
October 20, 2025 at 1:45 PM
android.activitypub.awakari.com.ap.brid.gy
What is the Pixnapping vulnerability, and how to protect your Android smartphone? | Kaspersky official blog The Android vulnerability CVE-2025-48561 (Pixnapping) enables the theft of any data displ...

#threats"/hashtag/Threats" class="hover:underline text-blue-600 dark:text-sky-400 no-card-link">#Threats #2FA #Android #infostealers #passwords #privacy […]

[Original post on kaspersky.co.uk]
November 11, 2025 at 5:09 PM
3ncr1pt4d0.bsky.social
Expertos descubrieron una técnica llamada Pixnapping, que aprovecha permisos de accesibilidad en Android para capturar pantallas con códigos de verificación 2FA.
Esto permite a los atacantes acceder a cuentas bancarias o redes sociales.
www.theregister.com/2025/10/13/a...
October 14, 2025 at 2:12 AM
blockzhub-kr.bsky.social
#안드로이드 "픽스냅핑"이 #암호화폐를 훔친다

이는 사용자에게 위협이 되며, 앱이 민감한 데이터를 훔칠 수 있게 해줍니다.

더 읽기: https://blockzhub.io/news/68ef5e6cc11627f2e7e372d3?utm_source=bluesky&utm_medium=social&utm_campaign=news_share
Android Pixnapping Steals Crypto
October 15, 2025 at 12:12 PM
sketchynews.net
[Ars Technica]Hackers can steal 2FA codes and private messages from Android phones - Ars Technica Malicious app required to make “Pixnapping” attack work requires no permissions.
October 14, 2025 at 11:00 PM
softouchsystems.bsky.social
Pixnapping Attack Android: What Texas SMBs Need to Know — and Do Today

A new class of Android exploit called the pixnapping attack poses a serious risk. It can let a malicious app steal pixels from other apps. This includes one-time 2FA codes, private messages, and payment info. The app can do…
Pixnapping Attack Android: What Texas SMBs Need to Know — and Do Today
A new class of Android exploit called the pixnapping attack poses a serious risk. It can let a malicious app steal pixels from other apps. This includes one-time 2FA codes, private messages, and payment info. The app can do this without requesting special permissions. Texas small-and-medium businesses that rely on Android devices for authentication, banking, or client work should take this risk seriously.
softouchsystems.com
November 3, 2025 at 4:01 PM
bluesky.awakari.com
Pixnapping: New Android Side-Channel Steals 2FA Codes Pixel-by-Pixel

Interest | Match | Feed
Origin
www.blackhatethicalhacking.com
November 5, 2025 at 2:31 PM