A new vulnerability has just been discovered on Android phones, and it could well worry the three billion users of Google's operating system. Dubbed "Pixnapping," this flaw allows a malicious application to capture sensitive information, such as passwords, access codes, and banking data, without the user noticing anything.
An invisible attack that exploits screen pixels
According to the university researchers behind the discovery, the attack relies on an ingenious method: it analyzes the color of the pixels displayed on the smartphone screen in order to reconstruct what they show. The term "Pixnapping," a contraction of "pixel" and "kidnapping," aptly describes the process, which captures the displayed image without ever taking a real screenshot. A simple application is all that is needed to exploit the flaw, and, unlike many other attacks, it requires no special permission. It uses a standard Android system interface to draw an invisible layer over the active application and then observes each color variation beneath it. By reading the pixels in a targeted region, for example where a two-factor authentication code is displayed, the attacker can visually reconstruct the information shown there.
Google reacts but the threat persists
Alerted by the researchers, Google released an initial patch in September 2025 and promises a full update by December. The company states that no exploitation of the flaw has yet been detected in the wild. Cybersecurity experts point out, however, that this type of vulnerability can be exploited quickly once it becomes public. To protect yourself, the recommendations remain the classic ones: avoid installing apps from unknown sources, carefully review the permissions requested during installation, and keep your device up to date by applying each security update as soon as it becomes available. Since Pixnapping needs no special permission, that last step is the one that actually closes this flaw.
A new warning for the Android ecosystem
This discovery once again illustrates the fragility of an open ecosystem like Android, where the diversity of manufacturers and the slow rollout of patches complicate security. Although the "Pixnapping" flaw appears theoretical for now, it demonstrates the growing sophistication of the methods used to circumvent mobile device protections. With a patch expected by the end of the year, Google hopes to close the flaw before it is exploited. In the meantime, caution is advised: an up-to-date phone remains the best defense against attacks that are constantly evolving.