Security News

"The two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions," researchers from Census Labs said today. "With the TLS secrets at hand, we will demonstrate how a man-in-the-middle attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys used for end-to-end encryption in user communications."

Malware disguised as a Netflix app, lurking on the Google Play store, spread through WhatsApp messages, researchers have discovered. According to a Check Point Research analysis released on Wednesday, the malware masqueraded as an app called "FlixOnline," which advertised via WhatsApp messages promising "2 Months of Netflix Premium Free Anywhere in the World for 60 days." But once installed, the malware sets about stealing data and credentials.

Researchers have discovered new Android malware that uses Netflix as its lure and spreads malware via auto-replies to received WhatsApp messages. read more

Newly discovered Android malware found on Google's Play Store disguised as a Netflix tool is designed to auto-spread to other devices using WhatsApp auto-replies to incoming messages. Researchers at Check Point Research discovered this new malware disguised as an app named FlixOnline and trying to lure potential victims with promises of free access to Netflix content.

Cybersecurity researchers have discovered yet another piece of wormable Android malware-but this time downloadable directly from the official Google Play Store-that's capable of propagating via WhatsApp messages. Disguised as a rogue Netflix app under the name of "FlixOnline," the malware comes with features that allow it to automatically reply to a victim's incoming WhatsApp messages with a payload received from a command-and-control server.

Facebook services are currently experiencing issues around the world, with users unable to access Facebook, Messenger, WhatsApp, and Instagram. When attempting to access Facebook services, users worldwide have stated that the application will display a continuous "Connecting" message.

South Africa's information regulator has protested WhatsApp's plans to share user data with Facebook, vowing to engage directly with the popular messaging app to ensure its compliance to national privacy laws. In January, WhatsApp asked all its users to accept new terms allowing it to share more private information with its parent company Facebook for advertising and e-commerce purposes.

A newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign. "This malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app," ESET researcher Lukas Stefanko said.

WhatsApp on Friday postponed a data-sharing change as users concerned about privacy fled the Facebook-owned messaging service and flocked to rivals Telegram and Signal. The update concerns how merchants using WhatsApp to chat with customers can share data with Facebook, which could use the information for targeted ads, according to the social network.

WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. The Facebook-owned company has since repeatedly clarified that the update does not expand its ability to share personal user chats or other profile information with Facebook and is instead simply providing further transparency about how user data is collected and shared when using the messaging app to interact with businesses.