Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Hackers Can Steal 2FA Codes and Private Messages From Android Phones

Researchers demonstrated Pixnapping exploits a vulnerability in Android to capture data from other apps, including 2FA codes, affecting multiple Pixel and Samsung devices.

  • On Oct 14, 2025, researchers at the University of California, the University of Washington, and Carnegie Mellon University reported Pixnapping, an attack letting malicious Android apps capture pixels from other apps and websites.
  • Building on GPU.zip research, Alan Wang, PhD candidate at UC Berkeley, said, `Our group's prior work on GPU.zip...` and the flaw is tracked as CVE-2025-48561, reviving 12-year-old browser pixel attacks.
  • Measured data show on Google Pixel 6, Pixel 7, Pixel 8, and Pixel 9, the attack recovered full 6-digit codes at 73%, 53%, 29%, and 53% respectively, from 100 leaked codes.
  • Despite initial patches, Google said it will issue an additional December Android security bulletin patch, while researchers warn that `Fixing Pixnapping will likely require changes to core Android mechanisms`.
  • Researchers warn the attack can expose two-factor authentication codes, private messages, and financial data, and because the core mechanism is present on all modern Android handsets, many devices may be vulnerable.
Insights by Ground AI

25 Articles

WiredWired
Lean Left

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

The malicious app required to make a “Pixnapping” attack work requires no permissions.

·United States
Read Full Article
MashableMashable
Left

New 'Pixnapping' attack lets hackers steal Android chats, 2FA codes in seconds

Cybersecurity researchers have discovered a new type of attack that affects Android devices, and they say it lets hackers get their hands on your private data in a matter of seconds.This includes your private chats, text messages, emails, and even two-factor authentication (2FA) codes, as Ars Technica reported.The attack, dubbed "Pixnapping" by the team of researchers who discovered it, can be used to extract information from any data displayed …

·United States
Read Full Article
ZDNetZDNet
Center

This new Android exploit can steal everything on your screen - even 2FA codes

Pixnapping begins when a victim unknowingly installs a malicious app on their Google or Samsung phone.

·United States
Read Full Article
9 to 5 Google9 to 5 Google
Center

Google has patched 'Pixnapping' attack in Android, further fix with December security update

Google is aware of a vulnerability that’s able to steal data from apps that are generally considered secure like Authenticator...

Read Full Article
BleepingComputerBleepingComputer
Center

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content.

Read Full Article
20minutos20minutos
Center

Your Android Mobile May Be Exposing Your passwords... and No One Has Solved It Yet.

Although the vulnerability has been discovered on Google Pixel and Samsung Galaxy S25 mobile phones, the team does not rule out that it has affected other manufacturers.

·Madrid, Spain
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 75% of the sources are Center
75% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Register broke the news in on Monday, October 13, 2025.
Sources are mostly out of (0)

Similar News Topics

Google icon

Google

Mobile Phones icon

Mobile Phones

Apps icon

Apps

Apps icon

Apps

Android icon

Android

Samsung Galaxy icon

Samsung Galaxy

Smartphones icon

Smartphones

News
For You
SearchBlindspotLocal