STEALING CODES ONE PIXEL AT A TIME Malicious app required to make "Pixnapping" attack work requires no permissions. Samsung's S25 phones. Credit: Samsung Android devices are vulnerable to a new attack that can covertly steal 2FA codes, location timelines, and other private data in less than 30 seconds. The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet. The app, which requires no sy...