How secure is your Android app? Test your app for free and receive a custom security report. Get started.

Search
Search
Close this search box.
Get pricing
Talk to us
Back to VMX Labs

Cybersecurity Insights

Stay updated on the latest cybersecurity issues including emerging threats and vulnerabilities.

Commentary

Salt Typhoon Exposes Critical Gaps in Mobile Security: CISA Reacts

CISA issues guidelines to secure mobile communications after the Salt Typhoon espionage breach targeting U.S. telecom networks. Learn key steps to stay safe.
5 days ago
3 Mins
Commentary

When Apps Attack: HGS Hack, F@c! Messages and Bitcoin Ransoms

Hackers disrupt Turkey’s HGS toll app with profanities, Bitcoin demands, and threats to user data. Learn about the security flaws behind the attack.
30/12/2024
Commentary

BoneSpy & PlainGnome: The Spyware Duo Disguised as Trusted Apps

Fake apps like BoneSpy & PlainGnome threaten user privacy. Stay informed about app repackaging tactics and prevent malware attacks with Verimatrix's insights.
26/12/2024
Threat Advisory

Decoding Remo: The Evolving Android Banking Trojan

Verimatrix and Cyble Labs uncover the latest Remo trojan variant. Find out how this threat affects banking and crypto apps and the steps taken to stop it.
19/12/2024

Join our newsletter

Get the latest cybersecurity insights delivered straight to your inbox.

All threat advisories and articles.

Commentary

Salt Typhoon Exposes Critical Gaps in Mobile Security: CISA Reacts

CISA issues guidelines to secure mobile communications after the Salt Typhoon espionage breach targeting U.S. telecom networks. Learn key steps to stay safe.
  • 5 days ago
  • 3 Mins
Commentary

When Apps Attack: HGS Hack, F@c! Messages and Bitcoin Ransoms

Hackers disrupt Turkey’s HGS toll app with profanities, Bitcoin demands, and threats to user data. Learn about the security flaws behind the attack.
  • 3 weeks ago
  • 3 Mins
Commentary

BoneSpy & PlainGnome: The Spyware Duo Disguised as Trusted Apps

Fake apps like BoneSpy & PlainGnome threaten user privacy. Stay informed about app repackaging tactics and prevent malware attacks with Verimatrix’s insights.
  • 3 weeks ago
  • 3 Mins
Threat Advisory

Decoding Remo: The Evolving Android Banking Trojan

Verimatrix and Cyble Labs uncover the latest Remo trojan variant. Find out how this threat affects banking and crypto apps and the steps taken to stop it.
  • 1 month ago
  • 6 Mins
Threat Advisory

A Ghostly New NFC-Based Crime

Learn about the latest cyber threat: Ghost Tap. Hackers exploit NFC technology to steal money from your mobile payments. Read how to protect yourself here.
  • 1 month ago
  • 2 Mins
Threat Roundup

Cybersecurity Threat Roundup #17: ErrorFather, TrickMo, Necro, and more

Protect your mobile apps from evolving threats. Verimatrix’s Cybersecurity Threat Roundup delivers key insights to strengthen your security defenses.
  • 1 month ago
  • 3 Mins
Commentary

Code Blue: Healthcare App Defenses Under Siege

Rising cyberattacks on healthcare apps demand action. Learn how to defend your app with encryption, monitoring, and multi-layered security.
  • 2 months ago
  • 4 Mins
Commentary

Mobile App Protection: The Strain on CISOs and the Risks of Overextension

Neglecting mobile app protection can cost more than it saves. See why CISOs must integrate app shielding into their broader cybersecurity framework.
  • 2 months ago
  • 4 Mins
Commentary

Singapore’s Safe App Standard 2.0: A Notable Mandate for Mobile App Developers

Guard your mobile apps against rising threats. Verimatrix’s Cybersecurity Threat Roundup offers insights and advisories to enhance your security strategy.
  • 2 months ago
  • 4 Mins
Threat Roundup

Cybersecurity Threat Roundup #16: Ajina, NGate, SpyAgent, and more

Guard your mobile apps against rising threats. Verimatrix’s Cybersecurity Threat Roundup offers insights and advisories to enhance your security strategy.
  • 3 months ago
  • 4 Mins
Threat Advisory

100 Mobile App Threats to Watch in 2024

Don’t be caught off guard! Check out the mobile app threat watchlist for 2024 created by VMX Labs. Stay safe online from the top 100 mobile app threats today.
  • 4 months ago
  • 18 Mins
Threat Roundup

Cybersecurity Threat Roundup #15: BingoMod, Chameleon, Daggerfly, and more

Protect your mobile apps from emerging threats revealed in Verimatrix’s Cybersecurity Threat Roundup. Gain expert insights to strengthen your security posture.
  • 4 months ago
  • 4 Mins
Threat Advisory

BlankBot Trojan Stands as Latest Example of Custom Overlay Usage

BlankBot Trojan exploits Android’s accessibility services, using custom overlays to steal financial info. Learn how this malware targets mobile users.
  • 4 months ago
  • 3 Mins
Threat Roundup

Cybersecurity Threat Roundup #14: Authy, GuardZoo, Medusa, and more

Stay ahead of mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Fortify your defense strategy with timely advisories and expert insights.
  • 5 months ago
  • 3 Mins
Threat Advisory

Android Malware Campaign Targets Indian Mobile Banking Users

VMX Labs reveals an Android malware campaign targeting Indian bank users by stealing OTPs via SMS-stealer apps. Read about this mobile banking security threat.
  • 6 months ago
  • 2 Mins
Commentary

Improper Credential Usage: Batten Down the Hatches

Explore how to combat improper credential usage with strategies from OWASP’s Mobile Top 10 to secure your mobile apps and protect sensitive user data.
  • 6 months ago
  • 2 Mins
Threat Roundup

Cybersecurity Threat Roundup #13: Antidot, CraxsRAT, GitCaught, and more

Stay ahead of mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Fortify your defense strategy with expert insights and timely advisories.
  • 7 months ago
  • 3 Mins
Commentary

Smart Homes, IoT Devices, and the Unprotected Apps That Power Them

Learn how to secure your IoT apps against online threats to your smart home. Discover potential risks and critical steps to protect your connected devices.
  • 7 months ago
  • 4 Mins
Threat Advisory

AzraelBot: New Android Banking Trojan Alert

ALERT! VMX Labs found 5 active C2 server login panels in Poland, Italy, and Brazil that are hosting manual and automatic overlay attacks.
  • 7 months ago
  • 2 Mins
Threat Roundup

Cybersecurity Threat Roundup #12: Brokewell, LightSpy, SoumniBot, and more

Keep abreast of mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Enhance your defense strategy with timely advisories and expert insights.
  • 8 months ago
  • 3 Mins
Threat Advisory

Vultur Banking Trojan Alert for Android Users in Finland

Android user in Finland? Read about the banking trojan affecting Finnish android users who are duped into downloading an infected McAfee antivirus app.
  • 8 months ago
  • 2 Mins
A person looking at a bunch of code on a computer screen.
Threat Roundup

Cybersecurity Threat Roundup #11: Coper, Octo, CriminalMW, and more

Stay in the loop on mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Enhance your defense strategy with expert advisories and insights.
  • 9 months ago
  • 4 Mins
A futuristic sports car driving on a straight path with many light fixtures.
Commentary

3 Security Imperatives for Vehicle App Manufacturers in 2024

Vehicle app manufacturers in 2024 face critical security challenges, including the OWASP Mobile Top 10 vulnerabilities. Read here for key strategies.
  • 9 months ago
  • 2 Mins
Different sets of staircases leading to colorful doors.
Commentary

Tool Sprawl Versus No Security Tools At All

Learn about the challenges organizations face in prioritizing mobile app security amidst the backdrop of sprawling security tool environments.
  • 10 months ago
  • 3 Mins
A man dressed in Joker makeup and wearing a pinstriped shirt.
Threat Roundup

Cybersecurity Threat Roundup #10: Joker, Samecoin, SpyNote, and more

Stay updated on the latest mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Strengthen your defense strategy with expert advisories.
  • 10 months ago
  • 3 Mins
A soft drink can with a metal straw sitting in a small flamingo floatie
Commentary

Security Threats and Challenges Faced by Hospitality Mobile Apps and Websites

Heard about the MGM Resorts cyberattack? Verimatrix reveals the vulnerabilities exploited by malicious actors targeting hospitality mobile apps and websites.
  • 11 months ago
  • 4 Mins
Blue pearl-like balls raining down on an open umbrella.
Commentary

Safeguarding Mobile Apps: Insights from a Verimatrix-Sponsored Event

Check out this recap of an ISMG roundtable event spnsored by Verimatrix. Get exclusive access to discussions on generative AI, SDLC, and more.
  • 11 months ago
  • 2 Mins
The head of an anonymous person disappearing into the ether.
Commentary

Android And iPhone Users Must Now Face Off With GoldPickaxe That’s Depleting Bank Accounts

Learn about GoldPickaxe, a deepfake-driven malware targeting iOS/Android and exploiting social engineering to break into victims’ bank accounts.
  • 11 months ago
  • 2 Mins
A person reading social media posts and being influenced by fake news.
Commentary

Why iOS Mobile App Developers Need Added Security

This threat commentary by Verimatrix highlights the new vulnerabilities facing iOS devices and the proactive measures developers can take to enhance security.
  • 11 months ago
  • 2 Mins
A group of people looking at their smartphones individually and reading something interesting.
Threat Roundup

Cybersecurity Threat Roundup #9: Fake LastPass app, MavenGate, Moqhao, and more

Stay vigilant against cyber threats with Verimatrix’s Cybersecurity Threat Roundup. Boost defense strategy with timely advisories and intelligence reports.
  • 11 months ago
  • 4 Mins
Commentary

A Quick Look at Singapore’s New Safe App Standard

Singapore recently debuted its new Safe App Standard, the country’s own set of guidelines to boost mobile app security and protect consumers from cyber attacks.
  • 11 months ago
  • 2 Mins
Commentary

NY Fraud Compensation Lawsuit Ushers in Latest Emphasis on Mobile Banking Security

NY fraud compensation lawsuit puts the emphasis on properly deployed mobile banking security measures to prevent disastrous breaches and save money.
  • 11 months ago
  • 2 Mins
Commentary

VajraSpy RAT: Getting a Foot Inside the Store Once Again

Verimatrix’s commentary on the recent detection of the VajraSpy RAT found to be concealed withn Google Play store apps.
  • 11 months ago
  • 2 Mins
Rows of colorful eyes
Threat Roundup

Cybersecurity Threat Roundup #8: Autospill, BLUFFS, Xamalicious, and more

Stay informed with Verimatrix’s Cybersecurity Threat Roundup. Boost your defense strategy with timely advisories and comprehensive intelligence reports.
  • 12 months ago
  • 4 Mins
A visual representation of hackers trying to influence Android phone users through compromised mobile apps.
Commentary

Xamalicious Malware: Android’s Accessibility Services Exploited Once Again

Xamalicious malware raises concerns about Android app security. This article by Verimatrix exposes its infiltration tactics and impact on user privacy.
  • 12 months ago
  • 2 Mins
A colorful collage of Japanese fox masks, fans, flowers, and waters.
Commentary

Crossing the Line: Affiliate-Related Attacks Via the Popular Japanese Messaging App

Verimatrix’s insights into the recent Line app data breach: An affiliate-related attack compromises user data, signaling a need to bolster mobile app security.
  • 1 year ago
  • 2 Mins
Three chairs being balanced on top of one another.
Threat Roundup

Cybersecurity Threat Roundup #7: Enchant, FjordPhantom, IMUTA, and more

Stay abreast of the latest mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Bolster your defenses with advisories, patches, and intel reports.
  • 1 year ago
  • 2 Mins
A multi-layered representation of EU states joining together for a common cause.
Commentary

The EU Gets Serious About Mobile App Security

CRA regulations reshape the European mobile app security landscape. Verimatrix provides trusted CRA-ready solutions for app developers and publishers.
  • 1 year ago
  • 2 Mins
An abstract representation of two people facing each other but their faces have fibre optic cables.
Commentary

Deconstructing a Mobile Banking App Overlay Heist

Our Verimatrix experts dive into the intricate world of mobile banking security breaches. Learn about the mechanics behind overlay attacks on banking apps here.
  • 1 year ago
  • 6 Mins
A fake mobile app that is hiding a malicious threat.
Commentary

Beta Beware: The Dark Side of Mobile App Trials

Understand the cybersecurity menace surrounding mobile app trials, where fake beta versions can expose users to financial scams and unauthorized access.
  • 1 year ago
  • 3 Mins
A person holding a smartphone that is on fire.
Commentary

The Dark Side of Discounts: Voucher Fraud in Mobile Apps

Beware of fake vouchers in your mobile apps! Discover the tactics fraudsters employ to exploit discounts and compromise user experiences.
  • 1 year ago
  • 2 Mins
A warning sign showing that there is to be no hidden bugs in the code.
Threat Advisory

Verimatrix Researchers Expose App Developer Spewing Malware

Fake apps exposed! Verimatrix researchers reveal malware-infected apps by Simi Studio. Learn about the risks and fortify your defenses against unseen threats.
  • 1 year ago
  • 2 Mins
Hackers behind an obstacle trying to break through to the other side.
Threat Roundup

Cybersecurity Threat Roundup #6: Arid Viper, Caracal Kitten, iLeakage, and more

Stay vigilant against cyber threats with Verimatrix’s Cybersecurity Threat Roundup. Boost your defense strategy with timely advisories and intelligence reports.
  • 1 year ago
  • 4 Mins
A person using binocular to uncover the latest cybersecurity threats.
Threat Roundup

Cybersecurity Threat Roundup #5: EvilBamboo, Smishing Triad, WiKi-Eve and more

Stay vigilant against cyberattacks with Verimatrix’s Cybersecurity Threat Roundup. Enhance your knowledge with expert advisories and comprehensive intel.
  • 1 year ago
  • 4 Mins
A mobile device and a website interface with advanced security features for retail protection.
Commentary

Securing the Storefront: Reimagining Retail Mobile App and Website Protections

Retailers create mobile apps to facilitate online shopping, but without app shielding, these apps are often vulnerable to hacking attempts and fraud.
  • 1 year ago
  • 4 Mins
A cybernetic spider crawling on a web of code.
Threat Advisory

GoldDigger: The Systematic Abuse of Android Accessibility Services Is Now a Thing

Read about the emergence of GoldDigger, a new Trojan exploiting Android Accessibility Services, and its impact on mobile banking security.
  • 1 year ago
  • 2 Mins
A mysterious man dressed in a well-tailored suit, standing in a large room full of floating spheres.
Commentary

Dangerous Downloads: What the FDM Hack Teaches Us About Supply Chain Risks

Heard about the FDM hack? Find out how it exposes supply chain risks and how attackers compromise trusted sources in this insightful article by Verimatrix.
  • 1 year ago
  • 2 Mins
A glowing pair of eyes staring back at the reader.
Threat Roundup

Cybersecurity Threat Roundup #4: BadBazaar, CypherRAT, CraxsRAT and more

Stay one step ahead of cyberattacks with Verimatrix’s Cybersecurity Threat Roundup. Elevate your defense strategy with advisories and in-depth intel reports.
  • 1 year ago
  • 3 Mins
A masquerade ball mask
Commentary

Malware Masquerade: The Danger of Repackaged App Attacks and AI Voice Fraud

Your smartphone and voice identity is under threat from new cyber threats! Read about repackaged attacks and AI voice fraud in this eye-opening read.
  • 1 year ago
  • 4 Mins
A malicious hacker hidden from identification.
Commentary

Ghost in the Code: Blind Spots in Mobile App Development

Learn how developers can protect users and data in an evolving threat landscape. Don’t let blind spots in mobile app development compromise your security.
  • 1 year ago
  • 5 Mins
A shield against malicious code.
Commentary

Federal Cybersecurity Gets a Boost: A Proliferation of New Initiatives

The U.S. government is making great strides to fortify cybersecurity with new regulations, transparency, and a united strategy for digital defense. Read now!
  • 1 year ago
  • 2 Mins
A man stares out a window at a lightning storm.
Threat Roundup

Cybersecurity Threat Roundup #3: Anatsa, CherryBlos, DoNotAPT and more

Check out Verimatrix’s Cybersecurity Threat Roundup for insights into the newest mobile app threats. Inform your app security using advisories, patches, etc.
  • 1 year ago
  • 3 Mins
A bunch of creepy hands coming out of a portal.
Commentary

What You Don’t Know Can Hack You: Software Supply Chain Attacks in Mobile Apps

Mobile app developers, stay vigilant! Defend against software supply chain attacks with secure code reviews, regular updates, and monitoring.
  • 1 year ago
  • 3 Mins
Mobile app monitoring
Commentary

Mobile App Monitoring is Winning Over Skeptics and Gaining Acceptance with Banks

Mobile app monitoring gains acceptance in banks, enhancing security and threat detection. Explore XTD solutions for proactive defense.
  • 1 year ago
  • 4 Mins
Commentary

5 Fraud Tactics Deployed by Mobile App Banking Trojans

Learn about cunning tactics used by banking trojans to exploit mobile apps and steal sensitive information from banks and their customers.
  • 2 years ago
  • 4 Mins
Threat Roundup

Cybersecurity Threat Roundup #2: SpinOk, AhRat, Bogus QR Codes and more

Our second issue lists the most pressing cybersecurity threats and vulnerabilities facing businesses across the globe. Stay updated with our quick snippets, intelligence reports, and direct links to more in-depth resources.
  • 2 years ago
  • 4 Mins
Commentary

$100,000 Smackdown: FTC Targets Health App Developers

Read about the FTC’s focus on healthcare data breaches and the need for better safeguards by healthcare app developers to avoid penalties.
  • 2 years ago
  • 5 Mins
Threat Advisory

By HOOK Or By Crook: The Insidious Launch Overlay Attack Targeting Financial Institutions

HOOK a relatively new mobile app malware largely targeting financial institutions in Poland that has now spread worldwide.
  • 2 years ago
  • 5 Mins
Commentary

Goldoson and the Dark Side of Third-Party Mobile App Libraries

The recent Goldoson malware is a software supply chain attack that has affected more than 100 million downloads associated with 60 mobile apps.”
  • 2 years ago
  • 5 Mins
Threat Roundup

Cybersecurity Threat Roundup #1: Chameleon, Hiddad, DAAM Android Botnet and more

In our inaugural issue, we list down the most pressing cybersecurity threats and vulnerabilities facing businesses across the globe. Stay updated with our quick snippets, intelligence reports, and direct links to more in-depth resources.
  • 2 years ago
  • 4 Mins
Threat Advisory

Hackers Use GoatRAT Variant to Exploit Android Accessibility Services to Attack Mobile Apps

The recent GoatRAT variant targeting Brazilian banks shows that app developers need to implement greater protections that can sniff out this abuse on a mobile device. Where we see smoke today, there is likely to be a fire tomorrow.
  • 2 years ago
  • 5 Mins
Commentary

Securing the Road Ahead: Automotive Security Done Right

A new vehicle rolling off the assembly line today has more lines of code than a modern passenger jet. It includes complex infotainment, telematics, and infrastructure systems, all of which must work together in perfect harmony and synchronization to keep the driver connected, informed, and safe.
  • 2 years ago
  • 5 Mins
A person who maintains an anonymous identity.
Threat Advisory

Screen Spoofing: Dangerous Mobile App Overlay Attacks On the Rise

Overlay attacks are a long-known major threat to mobile apps that have made their presence known in a big way in the last few months, becoming more dangerous with new logistics of attack.
  • 2 years ago
  • 8 Mins
A person's face that is wearing sunglasses.
Commentary

Enhancing Application Security Protections: A Look at the Zero-Code Injection Approach to Prevent Reverse-Engineering

Zero-code injection technology serves as a high-value yet low-effort security measure that significantly enhances an application’s protection against reverse-engineering.
  • 2 years ago
  • 3 Mins
A person using an unprotected smartphone that is vulnerable to hackers.
Commentary

Is Mobile App Security Your Organization’s Weakest Link?

Mobile applications are the main way organizations communicate with their customers. It is also the newest pathway for hackers to gain access to sensitive data.
  • 2 years ago
  • 4 Mins
A visual representation of code obfuscation and polymorphism for application security.
Commentary

The Importance of Code Obfuscation and Polymorphism to Application Security

By making source, byte, or machine code significantly more difficult to understand by humans, code obfuscation stands as an essential aspect of application security.
  • 2 years ago
  • 5 Mins
A neon sunrise.
Commentary

A Look Beyond Traditional RASP, MTD and WAF Technologies

The need for proven measures to protect them against malicious attacks remains more important than ever for any organization dependent on the success of critical applications.
  • 2 years ago
  • 5 Mins

You might be interested in:

White Papers

OWASP Mobile Top 10

March 8, 2024

State of Enterprise Mobile App Security – 2023

November 16, 2023

Ensuring Mobile Gaming Security

October 15, 2023

Protecting Mobile Gambling Apps

July 20, 2023

Zero Trust, Zero Compromise

Our approach to cybersecurity is based on the Zero Trust model, which assumes that no user or device can be trusted by default. We will take a Zero Compromise stance on security, ensuring that every aspect of our clients’ systems and data is protected with the highest levels of encryption, access control, and authentication.

View full manifesto