Mobile Frauds

Fraudsters in Delhi posed as NCB officials to extract OTPs and siphon ₹20.89 lakh—police arrested 5 linked to 473 cases. Enable 2FA, verify calls, and report to 1930 to avoid digital arrest traps and protect your finances.

Researcher exposes vulnerability in Worldline Yomani XR's debug port, allowing instant root shell access for malware or network pivots—despite tamper protections. Merchants must patch firmware and audit devices to block this high-risk entry point.

NPAV wishes you a safe, secure, and joyous Diwali! As you celebrate the festival of lights, let’s also protect our digital world from the darkness of cyber threats.

Sophos exposes Maverick Menace, a self-spreading Android worm using WhatsApp ZIP lures to disable Defender/UAC, hijack sessions with Selenium, and deploy trojan for bank/crypto theft—hits 400+ environments; verify attachments and use behavioral antivirus to protect.

IT pro in Pune scammed ₹3.66 crore via WhatsApp group and bogus trading app granting remote access—fake profits lured investments. Expert tips: Use official apps, enable 2FA, verify before investing—report to cyber cell to stay safe.

Zimperium exposes ClayRat spyware infecting Russian Android users via phishing sites and Telegram lures mimicking WhatsApp/TikTok—exfiltrates SMS, calls, photos; auto-sends to contacts. 600 samples detected; related African phone study reveals pre-installed app risks—update and scan devices now.

Gujarat reports over 38 lakh malware incidents via malicious apps, phishing, and unpatched software, targeting outdated devices for data theft and ransomware. Safeguard with prompt updates, trusted antivirus, 2FA, official app stores, and offline backups to stay protected.

Jammu Cyber Police cracks ₹4.44 crore online fraud, nabbing three Surat suspects for "digital arrest" scam that coerced a businessman via fake law enforcement threats using Aadhaar/SIM data. FIR under IT Act & BNS filed; report scams to 1930 helpline to stay safe.

New Android RAT on GitHub ("Huckel789/Android-RAT") promises permanent stealth, web-based control from any device, and features like SMS theft, 2FA hijacking, live cams, ransomware—no PC needed. Experts warn of lowered cybercrime barriers; analyze in isolation for defenses.

CVE-2025-43400 enables out-of-bounds writes via malicious fonts, risking app crashes and memory corruption on macOS, iOS, and more—no active exploits yet, but RCE potential. Update to Sequoia 15.7.1 immediately for protection against untrusted files.