vulnerable apps Archives

BetaBeacon

October 6, 2025

Android and Windows gamers worldwide potentially affected by bug in Unity game engine

A vulnerability, known as CVE-2025-59489, has been discovered in the Unity engine, widely used in game development. The bug could allow malicious files to take control of permissions granted to Unity games and run commands on a victim's device. The vulnerability primarily affects Android, Windows, Linux, and MacOS systems, but not iOS devices or gaming consoles. Unity has released fixes for the vulnerability, with no evidence of exploitation so far. Microsoft advises users to uninstall vulnerable apps and games temporarily, while Steam has announced measures to block potentially malicious command line parameters in Unity games. The bug was reported by a researcher at GMO Flatt Security, who praised Unity for promptly addressing the issue. Users are encouraged to update their software to protect against potential threats.

AppWizard

June 26, 2024

Snowblind is a new Android banking malware abusing a safety tool

Snowblind is a first-of-its-kind Android banking malware that manipulates a Linux kernel safety feature called "seccomp" to bypass security checks and anti-tampering mechanisms. It exploits accessibility services to gain system-level access to an infected device and can disable security features such as two-factor authentication and biometric verification. The malware targets banking Android apps in Southeast Asia and is effective on all modern Android devices. Promon has developed protective measures against Snowblind and other potential variants of seccomp-based attacks.