Saturday, November 29, 2025

Mobile Devices Face Expanding Attack Surface, ANSSI Finds in 2025 Threat Review

France’s national cybersecurity agency has released a detailed review of the current mobile threat landscape, outlining how smartphones have become exposed to a wide range of intrusion methods. The study examines how attackers reach a device, maintain access, and use the information gathered. It also shows how these threats have evolved as mobile phones became central tools for personal, professional, and government use.

The agency reports that mobile devices now face a broad and complex attack surface. Their constant connectivity, multiple built-in radios, and sensitive stored data make them valuable targets for different groups. Since 2015, threat actors have expanded their techniques, combining older strategies with new exploitation paths to gain entry, track users, or install malware without being noticed.

A significant part of the threat comes from wireless interfaces. Weaknesses in cellular protocols allow attackers to intercept traffic, monitor device activity, or exploit network features designed for legacy compatibility. Wi-Fi adds another layer of exposure through rogue access points, forced connections, or flaws in hotspot security. Bluetooth can be used to track a device or deliver malicious code when vulnerabilities are present. Near-field communication introduces additional opportunities when attackers can control a device’s physical environment.

Beyond radio interfaces, attackers rely heavily on device software. The study shows consistent use of vulnerabilities in operating systems, shared libraries, and core applications. Some methods require users to interact with a malicious message or file, while others use zero-click chains that operate silently. These techniques often target messaging apps, media processing components, browsers, and wireless stacks. Baseband processors, which handle radio communication, remain high-value targets because they operate outside the main operating system and offer limited visibility to the user.

Compromise can also occur through direct physical access. In some environments, phones are temporarily seized during border checks, police stops, or arrests. When this happens, an attacker may install malicious applications, create persistence, or extract data before the device is returned. Mandatory state-controlled apps in certain regions introduce additional risk when they collect extensive device information or bypass standard security controls.

Another section of the review focuses on application-level threats. Attackers may modify real apps, build fake versions, or bypass official app stores entirely. Some campaigns hide malicious components inside trojanized updates. Others use device management tools to take control of settings and permissions. The agency notes that social engineering still plays a major role. Phishing messages, fraudulent links, and deceptive prompts remain common ways to push users toward unsafe actions.

The ecosystem around mobile exploitation has grown as well. Private companies offer intrusion services to governments and organizations. These groups develop exploit chains, manage spyware platforms, and sell access to surveillance tools. Advertising-based intelligence providers collect large volumes of commercial data that can be repurposed for tracking. Criminal groups follow similar methods but aim for theft, extortion, or unauthorized account access. Stalkerware tools, designed to monitor individuals, continue to circulate and provide capabilities similar to more advanced platforms, though on a smaller scale.

The study documents several real-world campaigns observed in recent years. They include zero-click attacks delivered through messaging services, exploits hidden in network traffic, and campaigns that injected malicious traffic at the telecom network level to target users. Some operations rely on remote infection, while others use carefully planned physical actions. The range of techniques shows that attackers adapt to different environments and skill levels.

To reduce exposure, the agency recommends a mix of technical and behavioral steps. Users should disable Wi-Fi, Bluetooth, and NFC when they are not needed, avoid unknown or public networks, and install updates quickly. Strong and unique screen-lock codes are encouraged, along with limiting app permissions. The study advises using authentication apps instead of SMS for verification and enabling hardened operating-system modes when available. Organizations are urged to set clear policies for mobile use and support users with safe configurations.

The report concludes that smartphones will remain attractive targets because they store sensitive information and stay connected to multiple networks. The findings highlight the need for coordinated responses, including international cooperation such as the work developed by France and the United Kingdom through their joint initiative on mobile security.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

by Asim BN via Digital Information World

Friday, November 28, 2025

Study Finds Language Models Perform Poorly at Guessing Passwords

Researchers at the Future Data Minds Research Lab in Australia tested whether general purpose language models can produce accurate password guesses from detailed user information. Their study, published on arXiv, reports that three open access models performed far below established password guessing techniques, even when given structured prompts containing names, birthdays, hobbies and other personal attributes.

The team created twenty thousand synthetic user profiles that included attributes often found in real password choices. Each profile also contained a true password in plaintext and in SHA-256 hash form. Using a consistent prompt for every model, the researchers asked TinyLlama, Falcon RW 1B and Flan T5 Small to generate ten likely passwords for each profile.

Performance was measured with Hit at one, Hit at five and Hit at ten metrics, which check whether the correct password appears among the top one, five or ten guesses for a profile. The evaluation covered both normalized plaintext matches and exact SHA-256 hash matches.
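To make the metric concrete, here is an added example (not code from the study or from this site) that scores a handful of constructed profiles with Hit at one, five and ten, once against a normalized plaintext and once against the stored SHA-256 hash. The profiles, true passwords and candidate guess lists are made up for illustration, and the normalization rule (Unicode NFC, trimmed, case-folded) is an assumption rather than the study's definition; the example only scores guess lists it is handed, it does not generate them.

```python
"""Hit@k scoring for a password-guessing benchmark (added example, constructed data)."""
import hashlib
import unicodedata
from typing import Dict, Iterable, List, Optional


def sha256_hex(s: str) -> str:
    """Hex SHA-256 of a UTF-8 string, the hash form the profiles store."""
    return hashlib.sha256(s.encode("utf-8")).hexdigest()


def normalize(pw: str) -> str:
    """Assumed normalization for the plaintext comparison: NFC, trim, case-fold."""
    return unicodedata.normalize("NFC", pw).strip().casefold()


def hit_rank(true_pw: str, true_hash: str, guesses: List[str], exact_hash: bool) -> Optional[int]:
    """1-based rank of the first guess that matches the truth, or None if no guess does."""
    for rank, guess in enumerate(guesses, start=1):
        if exact_hash:
            if sha256_hex(guess) == true_hash:      # exact match only
                return rank
        elif normalize(guess) == normalize(true_pw):  # tolerant match
            return rank
    return None


def hit_at_k(profiles: Iterable[dict], ks=(1, 5, 10), exact_hash: bool = False) -> Dict[int, float]:
    """Fraction of profiles whose true password appears within the top-k guesses."""
    profiles = list(profiles)
    ranks = [hit_rank(p["password"], p["sha256"], p["guesses"][: max(ks)], exact_hash) for p in profiles]
    return {k: sum(1 for r in ranks if r is not None and r <= k) / len(profiles) for k in ks}


def make_profile(name: str, password: str, guesses: List[str]) -> dict:
    """Build a synthetic profile record: plaintext, its SHA-256, and ten candidate guesses."""
    assert len(guesses) == 10
    return {"name": name, "password": password, "sha256": sha256_hex(password), "guesses": guesses}


# Constructed benchmark rows (not from the study). Each guess list is ordered most-likely first.
PROFILES = [
    # Case differs from the truth: counts under normalization (rank 1), never as a hash match.
    make_profile("A", "Rex2010!", ["rex2010!", "Rex2010", "rex10", "Rex!", "rex_2010",
                                   "2010rex", "Rex2010!!", "rexy2010", "rex2010", "Rex10!"]),
    # Exact match at rank 4: counts at k=5 and k=10 for both scoring modes.
    make_profile("B", "Summer#88", ["summer", "Summer88", "summer88!", "Summer#88", "Summer1988",
                                    "summer#88", "sun#88", "Summer@88", "88summer", "Summer#1988"]),
    # Exact match only at rank 10: counts at k=10 for both modes.
    make_profile("C", "ilovecats", ["cats123", "Cats!", "ilovedogs", "lovecats", "catlover",
                                    "Ilovecats1", "catsrule", "mycats", "ilovecat", "ilovecats"]),
    # No guess matches under either rule.
    make_profile("D", "Tr0ub4dor&3", ["troubadour", "Troubadour3", "tr0ub4dor", "troubadour&3",
                                      "Tr0ub4dor", "troubador3", "Trubadur&3", "troubadour!",
                                      "Tr0ubadour3", "bard2003"]),
]


def run_benchmark():
    """Return (normalized-plaintext scores, exact-hash scores) for the constructed profiles."""
    return hit_at_k(PROFILES), hit_at_k(PROFILES, exact_hash=True)


if __name__ == "__main__":
    normalized, hashed = run_benchmark()
    for k in (1, 5, 10):
        print(f"Hit@{k}: normalized={normalized[k]:.2%}  exact-hash={hashed[k]:.2%}")
```

The two scoring modes diverge on profile A, which is the point the study's dual evaluation captures: a guess that is "right up to case" helps a normalized score but would never crack a stored hash.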

All three language models remained below one and a half percent accuracy in the top ten range. TinyLlama reached 1.34 percent in the normalized tests and produced no hash matches. Falcon RW 1B stayed below one percent. Flan T5 Small produced 0.57 percent for each of the three levels. The study reports that the models rarely produced an exact match despite generating outputs that resemble passwords in structure.

These results were compared with several traditional password guessing approaches that rely on deterministic rules, statistical models or combinations of user attributes. Techniques such as rule based transformations, combinator strategies and probabilistic context free grammars recorded higher Hit at ten scores, some surpassing thirty percent in the study’s evaluation. This gap shows the advantage of methods that rely on patterns drawn from real password behaviour.

The researchers also examined why language models perform poorly in this task. They found that the models do not capture transformation patterns common in human password creation and lack direct exposure to password distributions. The authors state that models trained on natural language do not develop the memorization or domain adaptation necessary for reliable password inference, especially without supervised fine tuning on password datasets.

The PhysOrg report on the study notes that while language models can generate text or code tailored to prompts, the study shows that this ability does not translate into trustworthy password generation tied to personal details. This aligns with the paper’s conclusion that general language ability does not provide the specific reasoning needed to infer individual password choices.

According to the authors, this work is intended to establish a benchmark for evaluating language models in password guessing settings. They report that current models are not suitable as replacements for established password guessing tools. They also indicate that future research could examine fine tuning on password datasets or hybrid systems that combine generative models with structured rules, provided ethical and privacy constraints are respected.

The study concludes that language models excel at natural language tasks but lack the targeted pattern learning and recall required for accurate password guessing. The results show that traditional methods remain more effective for this specialised task.


Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

by Irfan Ahmad via Digital Information World

Amnesty International Says Israel Continues Genocide in Gaza Despite Ceasefire

Amnesty International has reported that conditions in the Gaza Strip remain life-threatening for Palestinians more than a month after a ceasefire and the release of all Israeli hostages. The organization stated that Israeli authorities continue to restrict access to food, medical supplies, and materials needed to repair critical infrastructure, maintaining conditions that could lead to widespread harm.

According to Amnesty, at least 347 people, including 136 children, have been killed in Israeli attacks since the ceasefire took effect on October 9. Roughly half of Gaza remains under Israeli military control, limiting Palestinians’ access to farmland, the sea, and other sources of sustenance. While some humanitarian aid has been allowed into Gaza, many families still face inadequate nutrition, unsafe water, and limited medical care. Households reportedly receive two meals per day, but dietary diversity remains low, with many lacking access to protein, vegetables, and other nutritious foods.

Amnesty noted that Israeli authorities continue to block the delivery of materials needed to repair life-sustaining infrastructure and remove unexploded ordnance, rubble, and sewage, posing ongoing public health and environmental risks. Restrictions also extend to which aid organizations can operate in Gaza, limiting the effectiveness of relief efforts. The organization highlighted Israel’s ongoing displacement of Palestinians from fertile land and lack of restoration of access to the sea. There is no evidence that Israel’s intent to maintain these conditions has changed, despite the reduction in the scale of attacks.

Amnesty called on Israel to lift restrictions on essential supplies, repair infrastructure, restore critical services, and provide shelter for displaced residents. The group also urged the international community to maintain pressure to ensure humanitarian access and prevent further harm, citing previous International Court of Justice orders aimed at safeguarding Palestinian rights under the Genocide Convention.

The report underscores a broader moral imperative: the international community faces responsibility not only to monitor compliance with humanitarian law but also to prevent continued harm to innocent civilians. Continued restrictions and lack of access to basic needs raise urgent ethical questions about accountability, human rights, and the protection of vulnerable populations in conflict zones.


Image: Mohammed al bardawil / Unsplash

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. 

by Web Desk via Digital Information World

New EU Payment Services Rules Target Online Fraud and Hidden Fees

Online platforms will face financial liability for fraud originating on their sites under new EU payment services rules agreed Thursday morning by European Parliament and Council negotiators.

The provisional agreement holds platforms responsible for reimbursing payment service providers when those providers have already compensated customers defrauded through scams hosted on the platforms. Platforms must remove fraudulent content after receiving notice or face these costs.

The framework introduces advertising restrictions for very large online platforms and search engines. Companies advertising financial services must demonstrate legal authorization in the relevant member state or prove they represent authorized entities. The measure builds on existing Digital Services Act protections.

Payment Provider Obligations

Payment service providers will bear liability for customer losses when they fail to implement adequate fraud prevention mechanisms. The rules apply to banks, payment institutions, technical service providers, and in certain cases, electronic communications providers and online platforms.

Providers must verify that payee names match account identifiers before processing transfers. When discrepancies appear, providers must refuse the payment and notify the payer. Providers must freeze suspicious transactions and treat fraudster-initiated or altered transactions as unauthorized, covering the full fraudulent amount.

The agreement addresses impersonation fraud, where scammers pose as provider employees to deceive customers. Providers must refund complete amounts when customers report fraud to police and inform their provider. Providers must share fraud-related information among themselves and conduct risk assessments with strong customer authentication.

Transparency and Access Measures

Customers receive full fee disclosure before payment initiation. ATM operators must display all charges and exchange rates before transactions proceed, regardless of operator identity. Card payment providers must clearly state merchant fees.

Retail stores can offer cash withdrawals between 100 and 150 euros without purchase requirements, targeting improved access in remote and rural areas. Withdrawals require chip and PIN technology. Merchants must ensure trading names match bank statement entries.

Market Competition

The legislation reduces barriers for open banking services. Banks must provide payment institutions non-discriminatory access to accounts and data. Users receive dashboards controlling data access permissions. Mobile device manufacturers must allow payment apps to store and transfer necessary data on fair terms.

All providers must participate in alternative dispute resolution when consumers choose this option. Providers must offer human customer support beyond automated systems. The agreement requires formal adoption before taking effect.

Image: Antoine Schibler / Unsplash
Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans.



by Irfan Ahmad via Digital Information World

OpenAI Notifies API Users After Mixpanel Security Incident

OpenAI is notifying customers of its API platform after a security incident within Mixpanel’s systems exposed limited analytics information. The issue occurred entirely in Mixpanel’s environment and did not affect OpenAI’s infrastructure or users of ChatGPT.

OpenAI reports that Mixpanel became aware of unauthorized access on Nov. 9 and provided an exported dataset to OpenAI on Nov. 25. The dataset contained names associated with API accounts, email addresses, approximate browser-based location, operating systems, browsers, referring websites, and organization or user identifiers. OpenAI states that no passwords, API keys, payment data, chat content, prompts, usage records, authentication tokens, or government IDs were involved.

During its investigation, OpenAI removed Mixpanel from production systems, reviewed the dataset, and began notifying impacted organizations, administrators, and users. The company has ended its use of Mixpanel and plans broader security reviews across its vendor ecosystem. It continues monitoring for signs of misuse and says it will update affected users if new information emerges.

OpenAI advises API users to remain alert to potential phishing attempts, since names and email addresses were included in the dataset. It recommends caution with unexpected messages, verification that any communication attributed to OpenAI comes from official domains, avoidance of sharing sensitive credentials, and enabling multi-factor authentication. The company is not advising password resets or API key rotation because no account credentials were exposed.
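The "comes from official domains" check is easy to get wrong with a substring search, which is exactly what lookalike links rely on. The following is an added example (not code from OpenAI's or Mixpanel's notices) that compares the registrable domain of a link or sender address against an allowlist; the allowlist contents are an assumption for illustration, and the sample links and addresses are constructed.

```python
"""Official-domain checks for links and sender addresses (added example, constructed samples)."""
from email.utils import parseaddr
from typing import Iterable
from urllib.parse import urlsplit

# Assumption for illustration: the set of domains a user treats as official.
ASSUMED_OFFICIAL_DOMAINS = {"openai.com"}


def host_matches(hostname: str, domain: str) -> bool:
    """True if hostname is the domain itself or a subdomain of it.

    Matching on whole labels rejects "openai.com.evil.example" (the official
    name is only a prefix) and "notopenai.com" (only a suffix).
    """
    hostname = hostname.rstrip(".").lower()
    domain = domain.lower()
    return hostname == domain or hostname.endswith("." + domain)


def is_official_link(url: str, official: Iterable[str] = ASSUMED_OFFICIAL_DOMAINS) -> bool:
    """Require https and an official host, taken from the parsed URL, not from the raw text.

    urlsplit().hostname drops userinfo and port, so "https://openai.com@evil.example/"
    resolves to host "evil.example" and is rejected.
    """
    parts = urlsplit(url.strip())
    if parts.scheme != "https" or not parts.hostname:
        return False
    return any(host_matches(parts.hostname, d) for d in official)


def sender_is_official(header_value: str, official: Iterable[str] = ASSUMED_OFFICIAL_DOMAINS) -> bool:
    """Check the real address in a From header, ignoring the display name.

    A display name such as "noreply@openai.com" wrapped around <alerts@evil.example>
    is a common trick; parseaddr returns the angle-bracketed address, which is what counts.
    """
    _display, addr = parseaddr(header_value)
    _local, sep, domain = addr.rpartition("@")
    if not sep:
        return False
    return any(host_matches(domain, d) for d in official)


# Constructed samples illustrating accept/reject decisions.
SAMPLE_LINKS = [
    "https://platform.openai.com/account",            # subdomain of official: accept
    "https://OpenAI.COM/",                            # case differs only: accept
    "https://openai.com.security-alert.example/login",  # official name as prefix: reject
    "https://notopenai.com/",                         # official name as suffix: reject
    "https://openai.com@evil.example/",               # userinfo trick: reject
    "http://openai.com/",                             # not https: reject
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{'official' if is_official_link(link) else 'REJECT  '}  {link}")
    print(sender_is_official('"noreply@openai.com" <alerts@evil.example>'))
```

The design choice worth noting is that every decision is made on the parsed hostname or address, never on the string the user sees; the display text of a link or a From header is attacker-controlled and is what the phishing advice warns about.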

Mixpanel has described its response to the incident. The company says it detected a smishing campaign on Nov. 8 and initiated incident-response measures that included securing affected accounts, revoking sessions, rotating compromised credentials, blocking malicious IP addresses, recording indicators of compromise in its monitoring systems, performing a forensic review with external specialists, and resetting passwords for all employees. Mixpanel reports that customers who did not receive direct communication were not affected.


Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

by Asim BN via Digital Information World

Thursday, November 27, 2025

The Technology Consumers Will Spend More on in the Next 5 Years

People who design, create, and sell tech products understand that the key to success is to identify trends early and rise to the occasion to meet consumer needs and spending patterns. The team at LLC Attorney compiled and analyzed data from Statista Market Insights to conduct a comprehensive study identifying which products consumers are expected to spend more on over the next five years. Those in the tech world will find plenty of things that interest them in the team’s results, which reveal the products expected to bring in the most revenue in a rapidly shifting economy.

Online Education

In a ranking of non-grocery related items, online university education came in third for projected spending. The current market volume for online education is $94 billion and expected to increase to $136.6 billion by 2029, an increase of 9.92% (Projected Annual Growth Rate). Online education is popular because it can remove barriers faced by non-traditional students, by offering better flexibility and lower tuition. Online education exploded by necessity during the COVID-19 pandemic in 2020 and many students found they preferred this college experience. Improved video conferencing platforms have made online education an option that seriously competes with traditional in-person courses and the team clearly expects this trend to continue.

E-Services

An E-service is a remote offering of services. It can refer to online banking, government portals for tax processes or applications, a legal service, etc. This can even include online entertainment like gaming and streaming services. E-services rank at #8 on the team’s non-grocery list. The current market volume is $532.4 billion with a projected growth of $717.4 billion in 2029. That’s a 7.74% projected annual growth rate. E-services are convenient for consumers and as AI evolves, it becomes more cost-effective and streamlined for businesses. Since this is such a broad category of business, it’s no surprise that the E-service market will grow.

Online Food Delivery

Online food delivery is another market that’s boomed since 2020. Apps like DoorDash, Postmates, and Grubhub make it easy to get food directly to your door. When restaurants shut down during the pandemic, delivery was the only option for eating out. The current market value of online food delivery is $430 billion and expected to reach $563.4 billion in 2029 at a 6.99% growth rate. Over half of Americans consider online food delivery as an essential part of their lifestyle and it’s most popular among Millennials and Gen Z. Some projections say that “ghost kitchens” (these are kitchens that prepare food for delivery only with no sit-down restaurant) will account for half of drive-thru and takeaway orders by 2030.

Electronics

Heading further down the team’s ranking and analysis, we see Electronics in the #16 spot, proving that there’s always a market for gadgets. The current market value is $99.4 billion and is expected to grow at 4.10% to $116.6 billion in 2029. According to United Industries, the best-selling electronics are smartphones, smart home devices, wearable health technology, laptops and tablets, electric vehicles, gaming consoles, and audio devices. These devices are very popular and an essential part of life for many people. They’re reliable technology products that will likely see steady to growing sales far into the future.

Media

While media can encompass some non-technological products, these days it encompasses many electronic and online-based products. The media economy is driven by technology used to create social media platforms and apps, video games, films and television, podcasts, art, music, and e-books. While print media and live performances are still popular in some spaces, they are more of a niche market with technology driving and defining the media landscape, for better or worse. Most media outlets have shifted to digital platforms, and our culture is tremendously influenced by social media. There is no divorcing technology from culture in this day and age, and we can see that reflected in the market. The current market volume for media is $14.3 billion and expected to increase to $16.8 billion at a respectable growth rate of 4.06%.

Technology’s Impact on the Food Market

LLC Attorney’s study found that food spending will increase the most over the next five years, which is no surprise since it’s one of the most essential purchases we make. However, we can look through the data and speculate on technology’s impact on food spending. For example, many people use an app to have groceries delivered. Studies indicate that more Americans are cooking at home, thanks in large part to plenty of online resources teaching them how to cook, meal plan, or order meal delivery kits. Technology is used for convenience, and there’s no doubt that Americans want to find more convenient ways to feed themselves.

Impacts on Consumer Spending

Historical sales data, economic outlooks, and emerging patterns all fuel the projections on consumer spending and economic growth. Demographics can have a big impact on consumer spending. Younger people are more drawn to spend on technology, but aging people have a need for convenience, services, and health-related goods. Unexpected changes like wars or pandemics can shift the course of these projections, but overall we can see that technology is a driving force in economic development and market predictions.

Take a look at the infographic below for more insights:

Report shows technology driving revenue gains through online education, diverse e-services, delivery platforms, electronics, and media.

by Irfan Ahmad via Digital Information World

How to Secure Your iPhone and Android Device Against Nation-State Hackers

US cybersecurity officials updated their mobile security recommendations this week, warning that sophisticated hackers are bypassing device protections by manipulating users directly.

The Cybersecurity and Infrastructure Security Agency released revised guidance on November 24, adding new warnings about social engineering tactics targeting encrypted messaging apps. While the recommendations target high-risk individuals in government and politics, the advice applies to smartphone users globally.

Why the Update Matters

Nation-state hackers from foreign countries breached commercial telecommunications networks in 2025. They stole customer call records and intercepted private communications for targeted individuals. The attacks prompted CISA to expand its December 2024 mobile security guidance.

The threat extends beyond technical vulnerabilities. Hackers are tricking people into compromising their own security.

Four New Warnings About Messaging Apps

CISA identified specific tactics hackers use against apps like Signal and WhatsApp:

Fake security alerts. Hackers claim your account is compromised to trick you into giving them control. They send messages that look like security warnings, even inside the app itself, requesting PINs or one-time codes. Be suspicious of unexpected security alerts.

Malicious QR codes and invitation links. Avoid scanning group-invitation links or QR codes from unknown sources. Verify group invitations by contacting the creator through a different channel.

Compromised linked devices. Foreign threat actors abuse the legitimate linked devices feature to spy on Signal conversations, according to a February 2025 Google report. Check your messaging app's linked devices section. Remove anything you don't recognize immediately.

Message retention. Turn on message expiration features that automatically delete sensitive messages after a set time. Check workplace policies first if using a work device.

Essential Security Steps for Everyone

Switch to encrypted messaging. Use apps like Signal that provide end-to-end encryption and work across iPhone and Android. Standard text messages are not encrypted.

Stop using SMS for security codes. Hackers with access to phone networks can intercept text messages. Use authentication apps like Google Authenticator or Microsoft Authenticator instead. Physical security keys like Yubico or Google Titan offer the strongest protection.

Some services default to SMS during account recovery even after you disable it. Check each account individually.

Use a password manager. Apps like 1Password, Bitwarden, Google Password Manager, or Apple Passwords generate strong passwords and alert you to weak or compromised ones. Protect your master password with a long, random passphrase.

Set a carrier PIN. Most mobile phone carriers let you add a PIN to your account. This blocks SIM-swapping attacks where hackers transfer your number to their device. Add the PIN, then change your carrier account password.

Update everything regularly. Enable automatic updates on your phone. Check weekly to ensure updates installed correctly.

Buy recent hardware. Older phones cannot support the latest security features, even with software updates. New hardware includes protections that older models physically cannot run.

Skip personal VPNs. Free and commercial VPNs often have questionable privacy policies. They shift risk from your internet provider to the VPN company, frequently making things worse. Work VPNs required by employers are different.

iPhone Security Settings

Enable Lockdown Mode. This feature restricts apps, websites, and features to reduce attack opportunities. Some functions become unavailable.

Turn off SMS fallback. Go to Settings, Apps, Messages and disable Send as Text Message. This keeps messages encrypted between Apple users.

Use iCloud Private Relay or encrypted DNS. Private Relay masks your IP address and encrypts DNS queries in Safari. Free alternatives include Cloudflare's 1.1.1.1, Google's 8.8.8.8, or Quad9's 9.9.9.9 DNS services.

Review app permissions. Check Settings, Privacy & Security to see which apps access your location, camera, and microphone. Revoke unnecessary permissions.

Android Security Settings

Choose secure phones. Buy from manufacturers with strong security records and long update commitments. Android maintains an Enterprise Recommended list of devices meeting security standards. Look for phones with hardware security modules, monthly security updates, and five-year update guarantees.

Enable RCS encryption. Only use Rich Communication Services when end-to-end encryption is enabled. Google Messages enables this automatically when all participants use the app.

Configure encrypted DNS. Set up Android Private DNS with Cloudflare's 1.1.1.1, Google's 8.8.8.8, or Quad9's 9.9.9.9.

Check Chrome security settings. Confirm Always Use Secure Connections is enabled to force HTTPS. Enable Enhanced Protection for Safe Browsing for extra protection against phishing and malicious downloads.

Verify Google Play Protect is running. This scans apps for malicious behavior. Hackers try to trick users into disabling it. Check app scans regularly and exercise caution if using third-party app stores or sideloading apps from other sources.

Limit app permissions. Go to Settings, Apps, Permissions Manager. Remove unnecessary access to location, camera, and microphone.

The Bigger Picture

CISA says to assume all communications between mobile devices and internet services face interception or manipulation risks. No single fix eliminates all threats, but combining these protections significantly reduces vulnerability.

The guidance acknowledges that organizations may already require some measures like secure communication platforms and multi-factor authentication. Where they don't, individuals should implement these protections themselves.


Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

by Web Desk via Digital Information World