Six Microsoft Android apps could hand Microsoft account tokens to unauthorized apps because a debug setting was left enabled in production code. SecurityWeek reports that Enclave found the issue in Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop and OneNote for Android: the flag bypassed the checks meant to restrict token sharing to trusted Microsoft apps, so any installed app could request reusable FOCI (Family of Client IDs) tokens and potentially access account data. No CVE is cited in the report.
People and organizations using these Android apps could have had account access tokens silently stolen by another app on the same phone, potentially enabling long-lived account access. This is urgent for Microsoft mobile users and defenders: watch for Microsoft's fix, review mobile app trust and update practices, and investigate suspicious Android apps on managed devices.
Sources: Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk