A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, ...

Pixnapping attack lets malicious apps steal sensitive data from Android devices

Pixnapping is a newly disclosed class of side-channel attacks that targets Android smartphones. The attack, conceived by researchers, would allow a malicious app to leak secret ...

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing ...
PCMag

'Pixnapping' Attack Can Steal Two-Factor Codes From Android Phones

Google has only partially mitigated the attack, which involves using a malicious Android app to secretly discern the two-factor codes generated by authenticator apps.
The Hacker News

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround ...