#ContentProvider

Microsoft warns of “Dirty Stream” attack impacting Android apps

May 2, 2024 by Xynik

May 2, 2024 at 12:05PM A novel attack called “Dirty Stream” exploits an Android flaw to manipulate file transfers between apps, potentially enabling unauthorized code execution and data theft. Microsoft research warns of over four billion affected app installations, highlights vulnerable apps like Xiaomi’s File Manager and WPS Office, and urges developers to address the … Read more

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

May 2, 2024 by Xynik

May 2, 2024 at 11:18AM Several Android apps in the Google Play Store were found vulnerable to a path traversal-affiliated exploit, allowing malicious apps to overwrite files in the vulnerable app’s home directory. The implications include arbitrary code execution and token theft. Vulnerable apps include Xiaomi File Manager and WPS Office, but the issue has … Read more