Mastodawn

One small permission error is letting rogue apps access your SMS—hacking your texts and even cracking MFA codes. This unpatched flaw has been lurking since 2021. Are your messages safe?

https://thedefendopsdiaries.com/oneplus-oxygenos-flaw-exposes-sms-data-cve-2025-10184-remains-unpatched/

#oneplus
#oxygenos
#cve202510184
#smssecurity
#androidvulnerability

OnePlus OxygenOS Flaw Exposes SMS Data: CVE-2025-10184 Remains Unpatched

A critical OxygenOS flaw lets rogue apps access SMS data on OnePlus phones, risking privacy, MFA security, and user trust as the bug remains unpatched.

The DefendOps Diaries

Mustafa Kaan Demirhan Apr 18, 2023

🚨 CISA warns of a high-severity Android bug (CVE-2023-20963) exploited by Chinese app Pinduoduo to spy on users. Federal agencies & private companies urged to patch ASAP. Details: https://eu1.hubs.ly/H03tl7v0 #Cybersecurity #AndroidVulnerability #CISA

Tanisha L. Turner Dec 10, 2022

Android App Web Explorer vulnerability detected and data leakage of users' browser history:

https://securityaffairs.co/wordpress/139415/mobile-2/android-app-with-over-5m-downloads-leaked-user-browsing-history.html

#androidvulnerability #androidapps #dataleak

<strong>Android app with over 5m downloads leaked user browsing history</strong>

The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history. Original post at https://cybernews.com/security/android-app-leaked-user-browsing-history/ A browsing app for Android devices, Web Explorer – Fast Internet, left open its Firebase instance, exposing app and user data, the Cybernews research […]

Security Affairs