LightBlog
Affichage des articles dont le libellé est xda-developers » xda-developers | JavaScript v8 Exploit Lets Chrome Force an APK Install on Android. Afficher tous les articles
Affichage des articles dont le libellé est xda-developers » xda-developers | JavaScript v8 Exploit Lets Chrome Force an APK Install on Android. Afficher tous les articles

jeudi 12 novembre 2015

JavaScript v8 Exploit Lets Chrome Force an APK Install on Android

JavaScript v8 Exploit Lets Chrome Force an APK to be Installed on Android

During the PacSec conference in Tokyo yesterday, MobilePwn2Own demoed a vulnerability in Chrome that exploits the JavaScript v8 engine and allows malicious hackers to install an application on Android without any user interaction at all. PacSec organiser Dragos Ruiu says that this exploit is rare because “it was one shot” and that most people “have to exploit several vulnerabilities” to load software without user interaction.



from xda-developers » xda-developers | JavaScript v8 Exploit Lets Chrome Force an APK Install on Android http://ift.tt/20OA35V
via IFTTT
Publié par à Aucun commentaire:
Libellés : ,

InstaAgent Pulled From Play Store for Harvesting Passwords

InstaAgent App Pulled From the Google Play Store for Harvesting Passwords

InstaAgent, a 3rd-party application that lets you log into your Instagram application and see who was viewing your profile, has been pulled from the Play Store. A separate developer had started to audit the code and discovered that InstaAgent was actually storing your Instagram username and password in an unencrypted plain text file and sending this information to an unknown server.



from xda-developers » xda-developers | JavaScript v8 Exploit Lets Chrome Force an APK Install on Android http://ift.tt/20OA2Ph
via IFTTT
Publié par à Aucun commentaire:
Libellés : ,
Inscription à : Commentaires (Atom)