A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, ...

Pixnapping attack can steal 2FA codes from Android devices using onscreen pixels

Google has assigned the issue CVE-2025-48561 (CVSS 5.5) and shipped mitigations in the September 2025 Android Security Bulletin, warning that spammy blur requests can both indicate and enable pixel ...
PCMag

'Pixnapping' Attack Can Steal Two-Factor Codes From Android Phones

Google has only partially mitigated the attack, which involves using a malicious Android app to secretly discern the two-factor codes generated by authenticator apps.

Hackers can steal 2FA codes and private messages from Android phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, ...