A newly discovered Android bug enables rogue apps to infer and rebuild on-screen visuals, potentially exposing private information such as seed phrases and authentication codes.