A recent report showed that users' credentials are being stolen by malicious Android apps using phishing URLs mimicking well-known services that include Facebook, GitHub, Instagram, LinkedIn, Microsoft, Netflix, PayPal, Proton Mail, Snapchat, Tumblr, X, WordPress, and Yahoo, though it is unclear what the campaign's distribution vector is, reports The Hacker News.