The Hacker News

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround ...
PCMag

'Pixnapping' Attack Can Steal Two-Factor Codes From Android Phones

Google has only partially mitigated the attack, which involves using a malicious Android app to secretly discern the two-factor codes generated by authenticator apps.

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing ...