The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Wired

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, and other private data in less than 30 seconds. The new attack, named ...

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...
Android

Gmail will soon use QR codes for two-factor authentication

Google has long offered SMS as an option to receive two-factor authentication codes for Gmail. However, there are risks associated with it. Criminals can easily intercept SMS verification and make you ...
Android Police

Fight me: Google's new QR code authentication should be the standard

Jon Gilbert is a Features Writer for Android Police. I've covered Android since 2021, focusing on writing features and guides about Android apps and features that directly affect users. I've attended ...
Bleeping Computer

New Android Identity Check locks settings outside trusted locations

Google has announced a new Android "Identity Check" security feature that lock sensitive settings behind biometric authentication when outside a trusted location. The new feature is part of Anroid's ...

‘May 11 Rollout’—Samsung Confirms Free Android Upgrade

Galaxy S25 users in Korea finally received the new software on May 6, which brings a raft of free Galaxy S26 security ...