Droid Tools

Tag: security

  • Xiaomi HyperOS 3.1 update brings major new features — here’s what to know

    Xiaomi HyperOS 3.1 update brings major new features — here’s what to know

    On January 22, 2026, Xiaomi launched the HyperOS 3.1 beta, which included minor but significant UI and privacy improvements. Phones become smoother and speedier as a result. Additionally, the HyperOS 3.1 update uses AI to extend battery life.

    With improved app switching and adjustable settings, it improves the user interface. Additionally, it offers improved multitasking, smoother animations, and increased privacy and security.

    A more reliable, refined, and connected experience is provided by HyperOS 3.1. It also offers support for iOS calls and security updates for Android 16. Let’s examine the characteristics of HyperOS 3.1 in more detail below:

    Quick look at Xiaomi HyperOS 3.1 features coming to your device

    CategoryFeatureExplanation
    iOS IntegrationAirPods Native Pop-UpLet users hide unlock pattern traces
    iOS IntegrationSpatial Audio SupportEnables 360-degree immersive audio on Xiaomi phones
    iOS IntegrationANC & Transparency ControlManage noise cancellation and sound modes easily
    iOS IntegrationFind My AirPodsLocate lost AirPods without needing an Apple ID
    UI & AnimationsNew System AnimationsSmoother, more fluid transitions across the system
    UI & AnimationsiOS-Style Recent AppsCard-like multitasking view inspired by iOS
    Apps OverhaulNew Gallery & Weather AppsFaster apps with rewritten code for better performance
    AccessibilityNew “Assistance” MenuEasier access to vision, hearing, and control tools
    AccessibilityActive Visual PerceptionHelps users better understand on-screen content
    Motion & ComfortMotion Sickness FeatureReduces visual motion to prevent dizziness
    Super IslandLive Update SupportReal-time updates from apps like Uber and Spotify
    Super IslandTodo Notes & QR AccessView tasks, QR codes, and maps directly on Island
    Lock ScreenCard Swipe SupportSwipe payment and transit cards on lock screen
    MediaMusic Progress BariOS-style glowing progress bar on media player
    EcosystemXiaomi + iPhone Call SupportAnswer Xiaomi calls directly on an iPhone
    System CoreBiometric RedesignImproved fingerprint and unlock settings
    System CoreQuick GesturesFaster gesture shortcuts on select premium phones
    SecurityNew Password AppStores passwords, Wi-Fi logins, and passkeys
    SecurityPassword Breach AlertsWarns if your passwords are compromised
    PrivacyShake Permission UpdateLimits app access to camera, mic, or location
    PrivacyHidden Pattern TrailLets users hide unlock pattern traces
    PerformanceFaster & Smoother SystemImproved speed and stability
    BatteryAI Battery OptimizationSmarter power saving using AI
    Android CoreAndroid 16 Security PatchesLatest system-level security improvements

    iOS integration

    You may have overlooked many Apple-only features if you have Apple AirPods and a Xiaomi phone. The AirPods’ battery level was visible before the introduction of Xiaomi HyperOS 3.1. Similar to Apple AirPods, Xiaomi phones have developed as a local brother that will never be alone.

    Important improvements like Apple-like native Pop Up support are included in the latest version of HyperOS 3.1. A brief card with details about the battery and connectivity now appears on your screen when you open the AirPod

    Spatial Auido, one of Apple’s most exclusive features, is now accessible. Users of Xiaoimi can now enjoy native 360-degree immersive audio. Additionally, the HyperOS club allows you to control the connection time, ANC, and Transparency mode.

    Additionally, instead of displaying the standard Bluetooth icon, it only displays the appropriate AirPods model icon. Notably, Xiaomi’s “Find My” Integration allows you to locate your misplaced AirPods using Xiaomi Online Search without even requirin

    New UI animations

    Xiaomi rewrites Gallery and Weather and changes its animations. To enhance system performance, all outdated code has been eliminated. The new APK files will crash when installed on older HyperOS 3 devices as a result of this modification.

    Additionally, the company imitated the latest iOS 26 app animation. Switching between programs feels more contemporary because to the new style, which resembles the iOS cards.

    Improvements have been made to the white bar at the bottom of the screen that indicates when you are in full-screen mode. It now responds better to touch and moves more fluidly.

    HyperOS 3.1 now has a new Motion Sickness function from Xiaomi. Motion sickness-causing visual motion cues are lessened by this featur

    Improved Super Island

    Although Super Island now uses the native Android 16 “Live update” API, it was completely inspired by iOS Dynamic Island. Thus, Xiaomi-specific code will no longer be required for international apps such as Uber, Spotify, or other food delivery services to display real-time information on Super Island

    Following this upgrade, Xiaomi added a Todo Notes feature. You no longer need to open the app landing page in order to view a variety of notifications, QR codes, and map instructions in Island. Additionally, a function known as Lock Screen Card Swipe is added. This makes it simple to swipe through your cards, including transit and payment cards, directly on the lock screen. You won’t have to visit a different wallet website.

    The new Music Progress Bar, which was completely lifted from iOS, is one of my favorites. The media player on the island now has a glowing progress bar thanks to a straightforward yet lovely modification.

    System Core enhancements

    The “Assistance” Menu functionality was implemented in HyperOS 3.1 (Accessibility Settings Change). This indicates that Xiaomi renamed and relocated the accessibility options to a new main menu called “Assistance.” Those who require simpler phone controls or who have vision or hearing issues can benefit from these options.

    Features, for instance, relocated there. Active Visual Perception improves the clarity of what users see or comprehend on the screen. Screen readers, text size control, and tools for hearing and vision assistance.

    Additionally, the new biometric area offers a more contemplative experience. Additionally, Xiaomi included Quick Gestures control, which is only available on more recent high-end models like the Poco F8 Ultra and Redmi K90 Pro Max.

    As I have stated, deep ecosystems are greatly impacted by Apple AirPod integration. Additionally, the most crucial brick is iPhone Cross-Compatibility (Xiaomi + iPhone). You can now answer and receive calls from your Xiaomi phone directly on your iPhone if you have both an iPhone and a Xiaomi phone. To put it simply:

    When your Xiaomi phone calls, you may answer it on your iPhone. Thus, you don’t always need to touch your Xiaomi phone. Since Apple and Xiaomi often don’t collaborate closely, this function is unique in that it links two competing ecosystems.

    Many security improvements

    hyperos 3.1 security updates

    The Passwprd App, similar to iOS, is now one of the key features of HyperOS 3.1. Similar to Apple, this new tool helps you manage your Wi-Fi passwords, passkeys, and app logins.

    It can detect and alert you if your passwords have been stolen. Additionally, it allows you to manage all of your passwords in one location by combining them from several online browsers. Additionally, it offers a simple method for your passwords to be automatically filled in throughout the system.

    The way you can use patterns and fingerprints has changed in the latest release. The pattern trace can now be concealed once more. Additionally, it is now simpler to select your security options because the fingerprint unlock is independent of the private password settings.

    Shake Permission Update is a new function that allows you to modify your privacy. This enables you to restrict access to your location and camera, for example, only when your screen is on. Additionally, you have the option to restrict these permissions to eight seconds following the opening of an application. By doing this, you can stop apps from following you when you’re not

    xiaomi hyperos 3.1 update

    Overall, HyperOS 3.1’s improvements prioritize polish over a significant redesign, enhancing ecosystem connectivity, privacy, battery efficiency, and smoothness. This beta seems more polished, reliable, and prepared for the future than earlier HyperOS iterations thanks to Apple-inspired features and Android 16 security improvements.

  • Warning: Infected apps are making phones tap ads without users knowing

    Warning: Infected apps are making phones tap ads without users knowing

    Two groups of researchers have found two new, distinct types of malware that function similarly and are embedded in a variety of programs that are accessible through different channels. Worst of all, the standard advice to “don’t install apps from strange sites” is less helpful because some of them are even available on the Google Play Store.

    Although these two pieces of malware appear to be distinct, they function similarly. They exploit the functions of your phone to click on advertisements nonstop, slowing it down and significantly depleting its battery.

    Virtual screens, real ads

    Researchers at the mobile security company Dr.Web found the latest recent spyware, which has not yet been named. Bleeping Computer revealed the discovery. This malware makes use of the TensorFlow.js framework that Google distributed with Android phones to enable machine learning operations in browsers.

    And it works: when the malware is activated, it creates a virtual (false) screen where it shows and clicks on advertisements. Compared to more traditional ad-clickers, the clicks appear far more natural due to the usage of a machine learning technique. However, it has an equally detrimental effect on your device as earlier malware, with notable effects on battery life and processing speed.

    Even worse, the app allows attackers to interact with the fake display as needed by opening a permanent livestream on your device.

    Interestingly, Xiaomi’s GetApps software catalog is where the apps originates. Dr.Web claims that the malware is introduced after the apps are uploaded, avoiding all possible security measures.

    inevitably, third-party app websites like Apkmody and Moddroid have also been severely compromised by the malware. Researchers assert that both the latter’s Editor’s Choice list and “premium” versions of apps like Spotify that may be accessible on Telegram channels are rife with compromised apps.

  • Dangerous Android malware quietly targets and empties bank accounts

    Dangerous Android malware quietly targets and empties bank accounts

    We recently reported about another type of banking Android malware that operates in the background and leverages accessibility settings to steal data, including passwords and bank credentials. More malware that allows remote attacks on Android devices and is freely disseminated among hackers as part of a subscription service has just been disclosed.

    More banking malware on the loose

    Dangerous Android malware quietly targets and empties bank accounts

    A new Android trojanware known as Albiriox has been found by researchers at the online fraud protection company Cleafy. Albiriox is disseminated through what are referred to as “dummy” or infected APKs to deceive users into downloading real apps, much as Sturnus, the malware that was discovered last week.

    Hackers have tricked people by making phony copies of Google Play Store app listings, as Android Authority noted. As a result, potential victims may think they are downloading an app from a secure site when, in fact, they are not. Additionally, hackers have enticed victims by posting fictitious offers and promotions, requesting contact information, and then distributing the malicious APKs via well-known messaging services like Telegram and WhatsApp.

    The research group claims that hackers in Russia and other nearby regions have been the primary users of these approaches. After being disseminated as a Malware-as-a-Service (MaaS) on dark web forums, it is reported to have lately acquired popularity.

    The “install unknown apps” permission on users’ devices is mostly enabled via the APK files that hackers disseminate. The current (and destructive) program containing Albiriox is installed by the dropper app after that is activated.

    According to Android Authority, the research organization has already caught over 400 fraudulent apps that target consumers in categories including banking, fintech, digital payments, and cryptocurrencies. Instead than obtaining users’ login credentials, these software versions enable hackers to conduct transactions directly on users’ banking apps.

    You should be wary of any strange programs you install, especially if they appear to be connected to banking or any other financial service, as the malware works more covertly and silently. Make sure you have the most recent Play Protect update installed and that you only download apps from the official Google Play Store app.

    In terms of updates, make sure your device has the most recent firmware that is supported, as this contains patches for vulnerabilities that have just been discovered. Similarly, Google has published the December Android Security Bulletin.

  • Xiaomi rolls out major Security V12 update with improved Game Turbo

    Xiaomi rolls out major Security V12 update with improved Game Turbo

    The Security V12 generation of Xiaomi’s standard Security app has finally been released with a significant update. The most recent build, V12.0.3-251114.1.1, is mostly concerned with modifications to the system infrastructure. However, as the new build offers a whole redesign of the Game Turbo interface and sophisticated system optimization logic, this would be quite intriguing for those waiting for the release of the next HyperOS stage. With this upgrade, Xiaomi is at last getting ready for a significant change in the management of background operations and the optimization of gaming performance on devices throughout the world.

    Xiaomi rolls out major Security V12 update

    Increased optimization in new Security V12

    The Security V12 branch has been made available to the public for the first time with this build. The Security V12 series is a package deal of significant architectural improvements that align with next system versions, in contrast to the incremental updates that preceded it. The improved optimization engine, which promises to clear caches and free up memory without disrupting user activity, is especially noteworthy in the changelog. Thus, the move to version 12.0.3 would suggest that Xiaomi is preparing for more demanding software applications, maintaining devices’ responsiveness and fluidity during more taxing operations.

    Enhanced gaming capabilities

    However, the improved Game Turbo module is the most notable feature of this version. Performance modes and floating windows can now be accessed more quickly thanks to Xiaomi’s UI optimization. In order to prioritize frame rates and network stability during gameplay, new optimization algorithms operate in the background in silent mode. With much lower latency and input lag, enthusiasts who use their devices for competitive gaming will notice how much more seamless the transition from the game to system notific

    How to update

    To update the Security app on Xiaomi devices, open the Security app and scroll to the bottom until you see the Settings or About section. Tap Update (or Check for updates) if available. You can also update it through the GetApps store by searching for Security and installing the latest version. If the update doesn’t appear, make sure your phone is connected to the internet and running the latest MIUI/HyperOS system version, as some Security app updates are bundled with system updates.

    Keeping system applications updated is very crucial for maintaining the security and performance stability of any device. Among such capabilities are unlocking hidden Xiaomi settings, updating other system applications seamlessly, and managing screen refresh rates, among the common updater features.

  • WhatsApp warning: A simple trick compromised 3.5 billion accounts

    WhatsApp warning: A simple trick compromised 3.5 billion accounts

    There may be hidden risks to billions of WhatsApp accounts. According to a recent analysis, there are major security flaws in the privacy of the communications that hackers might take advantage of.

    With merely their phone number, finding someone on WhatsApp is very simple for many users, and the frequency of searches appears to be limitless. However, according to a recent analysis, this has turned into a significant security flaw that leaves 3.5 billion users of the messaging program vulnerable to assault.

    Big WhatsApp security risk

    Through a study carried out between December 2024 and April 2025, security researchers at the University of Vienna in Austria found the vulnerability. The primary cause of the problem is WhatsApp’s long-standing built-in capability for locating and adding contacts.

    In theory, the app will display whether a number has an account if you add it and then search it up. Additionally, anyone with an active phone number is able to send messages to public accounts and view the profile.

    WhatsApp warning

    A program known as “libphonegen,” which creates combinations of account numbers from other nations that may be registered on WhatsApp, was used by the team to carry out this procedure.

    They were able to produce 63 billion possible accounts and 100 million numbers each hour in their study. 3.5 billion accounts were taken out of those. Of these, 29% had written profiles with sensitive information including political and religious affiliations and links to other social media accounts, while 57% had their profile images made public.

    The vulnerability Is alarming

    The results show how this WhatsApp security vulnerability could be exploited by malevolent parties, including fraudsters and attackers. For example, the encryption in the messaging app is weakened since public and identification keys are reusable rather than unique. Attackers might intercept and decrypt messages if security was compromised.

    The identical WhatsApp vulnerability was discovered in 2017, but Meta has not been able to fix the flaw.

    Following the discoveries, Meta was contacted by the security research group. The company verified that it implemented system modifications in October that restrict the number of account searches that may be done within the app.

    How to protect yourself

    Users with public profiles, however, are still vulnerable because others can still read their profile images and text. Making their WhatsApp profile private is advised for those who are worried about security and privacy.

    Additionally, Meta has added new security and privacy features. A monthly message cap and automatically muting calls and messages from strangers are two of these that are presently being testing.

  • New Android malware copies card data and PINs for instant ATM cashouts

    New Android malware copies card data and PINs for instant ATM cashouts

    A new Android-based spyware that leverages NFC technology to make illegal ATM cash withdrawals and empty victims’ bank accounts was examined by the Polish Computer Emergency Response Team (CERT Polska).

    Researchers discovered that the software, known as NGate, allows attackers to use banking information stolen from victims’ phones to withdraw money from ATMs (Automated Teller Machines, or cash machines) without actually taking the cards.

    NFC is a wireless technology that enables close-quarters communication between gadgets like terminals, cellphones, and payment cards. Therefore, rather of stealing your bank card, the attackers use a mobile phone infected with the NGate virus to record NFC (Near Field Communication) activities and send that transaction data to ATM equipment. Instead of being relayed just via radio, the stolen data in NGate’s situation is transmitted over the network to the attackers’ servers.

    There are several “flavors” of NFC. Some generate a static code, like the card that opens the door to my apartment complex. I can use a gadget like my “Flipper Zero” to open the door by just copying that type of signal. However, dynamic codes are used by sophisticated contactless payment cards, such as your Visa or Mastercard debit and credit cards. Your card’s chip creates a unique, one-time code (commonly referred to as a cryptogram or token) each time you use the NFC. This code is unique and cannot be reused.

    That’s why the NGate malware is more advanced. It does more than just pick up a signal from your card. The victim must be duped into entering their PIN and completing a tap-to-pay or card-verification activity after the phone has been compromised. When that occurs, the app records every piece of information required for an NFC transaction, including the card number, new one-time codes, and other information created at that same moment.

    All of the NFC data, including the PIN, is then immediately sent to the attacker’s handset via the virus. The attacker uses the codes right away to mimic your card at an ATM because they are newly produced and only valid for a brief period of time. The accomplice at the ATM displays the collected data using a card-emulating device, such as a phone, smartwatch, or bespoke hardware.

    However, as you may guess, social engineering and preparation are necessary to be prepared at an ATM when the data arrives.

    Attackers must first infect the victim’s device with malware. They usually send prospective victims phishing emails or SMS messages. They frequently try to create anxiety or urgency by claiming that there is a technical or security problem with their bank account. Occasionally, they make a follow-up call while posing as representatives of the bank. These calls or texts instruct victims to download a phony “banking” app from an unofficial source, like a direct link rather than Google Play.

    After installation, the software requests permissions and guides users through fictitious “card verification” procedures. While an accomplice waits at an ATM to cash out, the objective is to persuade victims to act swiftly and trustingly.

    Stay safe:

    NGate only functions when your phone is compromised and you are duped into entering your PIN and starting a tap-to-pay action on the phony banking app. Therefore, the greatest defense against this infection is to protect your phone and be on the lookout for social engineering:

    • Stick to trusted sources. Download apps only from Google Play, Apple’s App Store, or the official provider. Your bank will never ask you to use another source.
    • Protect your devices. Use an up-to-date real-time anti-malware solution like Malwarebytes for Android, which already detects this malware.
    • Do not engage with unsolicited callers. If someone claims to be from your bank, tell them you’ll call them back at the number you have on file.
    • Ignore suspicious texts. Do not respond to or act upon unsolicited messages, no matter how harmless or urgent they seem.
    malwarebytes

    Malwarebytes Mobile Security

    Malwarebytes is an anti-malware software for Windows, macOS, ChromeOS, Android, and iOS that finds and removes malware.

    FreePlay Store

    Malwarebytes for Android detects these banking Trojans as Android/Trojan.Spy.NGate.C; Android/Trojan.Agent.SIB01022b454eH140; Android/Trojan.Agent.SIB01c84b1237H62; Android/Trojan.Spy.Generic.AUR9552b53bH2756 and Android/Trojan.Banker.AURf26adb59C19.

  • Over 42 million downloads: malicious Android apps found on Google Play

    Over 42 million downloads: malicious Android apps found on Google Play

    According to a survey by cloud security firm Zscaler, hundreds of malicious Android apps on Google Play were downloaded over 40 million times between June 2024 and May 2025.

    The company saw a 67% year-over-year increase in malware that targeted mobile devices during that time, with banking trojans and spyware being the most common threats.

    According to telemetry data, threat actors are leveraging phishing, smishing, SIM-swapping, and payment frauds to take advantage of mobile payments instead of traditional card fraud.

    Malicious Android apps found on Google Play

    The shift to social engineering assaults can be explained by the widespread use of mobile payments and enhanced security standards like chip-and-PIN technology.

    According to Zscaler, “to carry out these assaults, fraudsters use phishing trojans and malicious programs designed to steal financial information and login passwords.”

    Zscaler estimates that it has found 239 harmful apps in the official Android store, with a total of 42 million downloads, compared to 200 malware apps on Google Play last year.

    The emergence of adware as the most significant threat in the Android ecosystem, which now accounts for over 69% of all detections—nearly twice as many as the previous year—is another noteworthy trend observed at that time.

    After leading with 38% the previous year, the Joker info-stealer is currently in second position with 23%.

    The SpyNote, SpyLoan, and BadBazaar families—which are used for identity theft, extortion, and surveillance—were the primary drivers of the notable 220% year-over-year (YoY) increase in spyware.

    Geographically speaking, 55% of all attacks were directed towards the United States, Canada, and India. Attacks against Israel and Italy also showed substantial increases, ranging from 800% to 4000% YoY, according to Zscaler.

    Malicious Android apps and malware

    In its annual study, Zscaler identifies three malware families that significantly affected Android users. The first is Anatsa, a banking trojan that occasionally enters Google Play through productivity and utility apps and receives hundreds of thousands of downloads each time.

    Since its discovery in 2020, anatsa has undergone continuous evolution. The most recent version is capable of stealing data from bitcoin sites, more than 831 financial institutions, and new areas like South Korea and Germany.

    The second is Android Void (Vo1d), a backdoor malware that targets Android TV boxes and has infected at least 1.6 million devices with out-of-date Android Open Source Project (AOSP) versions, mostly in Brazil and India.

    Malicious Android apps found on Google Play

    The third is Xnotice, a brand-new Android remote access trojan (RAT) that specifically targets job seekers in the oil and gas sector in Iran and Arabic-speaking areas.

    Xnotice propagates via applications that are disseminated through phony employment websites and pose as tools for registering for exams or applying for jobs.

    Through overlays, multi-factor authentication (MFA) codes, SMS messages, and screenshots, the spyware targets banking credentials.

    Users are encouraged to install security updates, only trust reliable publishers, reject or restrict accessibility permissions, refrain from downloading unnecessary apps, and routinely run Play Protect scans in order to protect themselves from Android malware threats, including those from Google Play.

    Routers continued to be the most targeted IoT equipment this year, according to Zscaler’s study. Hackers added routers to botnets or used them as proxies to spread malware by taking advantage of command injection flaws.

    The majority of IoT attacks took place in the United States, with rising hotbeds in Hong Kong, Germany, India, and China following, suggesting that attackers are targeting devices throughout a larger geographic area.

    The cybersecurity company advises businesses to harden IoT and cellular gateways by keeping an eye out for anomalies and implementing firmware-level protections, as well as to deploy zero-trust solutions for key networks.

    Strict application control guidelines, security against phishing attacks, and monitoring SIM-level communications for anomalies should all be part of mobile endpoint protections.

  • Quishing #alert – FBI warns smartphone users about fake QR codes stealing money

    Quishing #alert – FBI warns smartphone users about fake QR codes stealing money

    Smartphone users are now being alerted by the FBI and cybersecurity organizations to a new fraud called “Quishing,” which includes malicious or phony QR codes. Particularly vulnerable are those who often utilize QR codes for logins or payments; some victims have lost thousands of dollars. Here’s what you should know and how to protect yourself.

    The FBI and other federal authorities have recently expressed concern over the increase in QR scam attacks, sometimes known as quishing, in which unwanted parcels show up at people’s doorsteps. These packages frequently contain QR codes that, when read by the camera on mobile phones, cause victims to install malware or be redirected to phony websites. Your device may be compromised as a result, and your personal information may be taken.

    Quishing scam alert

    Online retailers are targeted by Quishing

    The most recent worry centers on these frauds that prey on people who frequently transact online. In order to steal your data, attackers are creating QR codes that point to dubious websites. These scams can also compromise your bank accounts and phone, enabling scammers to steal your money, according to the Brandenburg Consumer Advice Centre (VZB).

    In one scenario, scammers pose as legitimate customers interested in buying a product. They ask the seller to scan a QR code to start the transaction rather than giving money straight to the seller. By directing the victim to a phony PayPal login screen, this code may fool them into inputting their account information. This strategy is a type of phishing on websites.

    With zero-click tactics that don’t involve any user engagement, some attacks are become even more hazardous. Usually, high-profile people like politicians, journalists, attorneys, and activists are the target of these.

    Cyber Security Coach Online security specialist Alex East cautions that hackers might post phony QR codes in both public and private areas, such convenience store payment terminals or gas pumps. During normal transactions, these codes have the ability to reroute customers to malicious websites.

    Quishing alert - warning

    Ways to stay safe

    VZB recommends users to exercise caution when making digital transactions to prevent becoming victims of QR code frauds. It’s crucial to confirm that the vendor is the one displaying the QR code before paying, as opposed to scanning one that has been supplied by another party. Always look for indications of questionable activity on the website you are sent to, such as misspelled domain names or odd layouts.

    Scanning QR codes from unwanted parcels, email attachments, or public places should generally be done with caution as they may direct users to fraudulent websites. It’s even better to stay away from scanning QR codes completely unless you know exactly where they came from.

    It’s also strongly advised to strengthen account security using two-factor authentication (2FA), particularly when money is involved. Consider using passkeys, a more secure login option that is already supported by many websites and apps, for even more security.

    Security features on both iPhones and Android smartphones, such as warnings for phony websites and fraud detection in calls and messages, can aid in spotting scammers. To get the most protection, make sure these features are turned on.

  • Update Now! the fix for critical WhatsApp bug that allows hackers to spy on iPhones is live

    Update Now! the fix for critical WhatsApp bug that allows hackers to spy on iPhones is live

    You should be aware that not everyone using WhatsApp is safe. Meta has alerted users to a significant security vulnerability that hackers used to launch a sophisticated, focused malware campaign that compromised dozens of WhatsApp accounts. This is why it’s important and why you should upgrade the app right now.

    In order to fix a vulnerability that was exploited in conjunction with another weakness in Apple devices, WhatsApp declared on Friday that it has released an emergency patch for its messaging program on iOS and Mac. According to reports, a week before WhatsApp’s upgrade, Apple resolved the security flaw in its devices.

    whatsapp bug fix

    Why is this so dangerous?

    Hackers reportedly used a well-known zero-click attack—a technique that compromises a device without requiring user interaction—to successfully exploit both vulnerabilities. In certain situations, a victim might get a link or image from an attacker, who might then take control of the device and run malicious code to spy on or steal private data without the victim having to click.

    Meta acknowledged notifying dozens of people it thought were the campaign’s target. A copy of the alert message, which detailed the reason for the warning and the next steps, was posted on X by the head of the security company Amnesty Tech. The notification suggested that victims reset their device to factory defaults.

    We’ve made changes to prevent this specific attack from occurring through WhatsApp. However, your device’s operating system could remain compromised by the malware or targeted in other ways.
    To best protect yourself, we recommend a full device factory reset. We also strongly urge you to keep your devices updated to the latest version of the operating system, and ensure that your WhatsApp app is up to date.

    Meta

    These kinds of advertisements have already targeted WhatsApp users. Similar zero-day exploits have been connected in the past to monitoring operations targeting prominent people, such as journalists and politicians.

    What should you do to be safe?

    Even though only a small percentage of WhatsApp users were impacted, others should still be concerned about this attack. Installing the most recent security update for your Apple device and updating WhatsApp on your Mac and iPhone are highly advised.

    Even while Android users aren’t being targeted by this operation, they could still be at risk due to the same WhatsApp flaws. They should also install the most recent Android security patch and update to the most recent version of WhatsApp. Users who believe they may be in danger can manually activate new features like Advanced Device Protection, which provide an additional layer of security.

  • Android 16 will be the final major upgrade for these Realme devices

    Android 16 will be the final major upgrade for these Realme devices

    Google launched Android 16 more than two months ago, yet no Realme phone has received the upgrade as of yet. However, the company claims to be one of the first to roll out Android 16 on premium phones. The deployment of mid-range and low-cost phones should also happen sooner than normal as a result.

    Realme plans to update a number of phones in various pricing ranges to Android 16. However, it will mark the end of significant upgrades for several of them. In other words, no significant updates beyond Android 16 will be available for those devices, which will continue to run the same OS for the remainder of their lifetimes. We’ve put together a list of these gadgets. Check it out below to see if you’ll soon need to upgrade your smartphone.

    Android 16 – the final major upgrade

    • Realme GT 5
    • Realme GT 5 240W
    • Realme GT 3
    • Realme 14x
    • Realme 14 Pro Lite
    • Realme 13 (LTE/5G)
    • Realme 13+
    • Realme 13 Pro
    • Realme 13 Pro+
    • Realme 12 (LTE/5G)
    • Realme 12+
    • Realme 12 Pro
    • Realme 12 Pro+
    • Realme 12x
    • Realme 12 Lite
    • Realme Narzo 70
    • Realme Narzo 70 Pro
    • Realme Narzo 70x
    • Realme Narzo 70 Turbo
    • Realme Narzo N65
    • Realme C75 4G
    • Realme C67 4G
    • Realme C65
    • Realme C65 4G
    • Realme C63 5G
    • Realme C63
    • Realme C61
    • Realme P2 Pro
    • Realme P1
    • Realme P1 Pro
    • Realme P1 Speed
    • Realme Note 60
    • Realme Note 60x

    The list was created using the update policy and previous rollouts as a guide. Even while it ought to be largely correct, I still advise verifying with the official announcement for the last word.

    realme devices

    When will the Android 16 update be released by Realme?

    A release date for Android 16 has not yet been disclosed by Realme. But the company has previously stated that the Realme GT 7 Pro will be the phone running Android 16’s Realme UI 7.0 update. Soon after, the GT 7 and GT 7T will join the celebration.

    Starting with the GT 6 and GT 6T, the company will introduce the stable Realme UI 7.0 to the GT 6 series after the Realme GT 7 series. Other Realme devices that qualify will thereafter progressively receive the update.

    The company has not commented on the Android 16 release, but given that competitors like Oppo, OnePlus, and Samsung are also doing so for their own Android skins, it must be getting ready for a Realme UI 7.0 beta release shortly. Realme is anticipated to begin hiring beta testers for Realme UI 7.0 in a few days, with the stable rollout probably starting in September.