Introducing MERENA+ — our premium tier with your personalized safety dashboard, risk score, and all security tools. Sign up and cancel risk free in the first 14 days.Learn More
MERENA
Advisory Alert

New Android Vulnerability Exposing Sensitive Information

Researchers have discovered a new method, called ‘pixnapping,’ that allows malicious apps on Android devices to secretly capture what’s displayed on your screen, including sensitive information like two-factor authentication (2FA) codes from apps such as Gmail, Google Authenticator, Signal, and Venmo.


Who is at risk

Users of Android devices, particularly those from Google and Samsung, are most at risk. This includes anyone who installs apps from unknown sources or outside the official app store.

What to watch for

Be cautious of apps requesting unnecessary permissions, especially those that ask to overlay on top of other apps or access sensitive information without a clear reason.

What to do

Regularly update your device’s software and only download apps from trusted sources, such as the official app store. Review app permissions carefully and avoid granting access that seems unrelated to the app’s function.