Users started noticing on Monday that X’s programmers implemented a rule on its iOS app that auto-changed Twitter.com links that appeared in Xeets (tweets) to X.com links.
The breach did not compromise payment details, and U-Haul has reset passwords for affected accounts, implemented additional security measures, and offered one-year identity theft protection service to affected customers.
The Xamalicious backdoor, implemented with Xamarin, targets Android devices by gaining accessibility privileges and communicating with a C2 server to download a second-stage payload, potentially enabling fraudulent actions without user consent.
Post-quantum cryptography (PQC) algorithms should be implemented to replace vulnerable traditional public key cryptography (PKC) algorithms to mitigate the threat of quantum computers.
This attack bypasses standard side-channel protections implemented by browser vendors and can retrieve data from Safari, as well as other browsers like Firefox, Tor, and Edge on iOS.