A security flaw affecting the Google Pixel’s default screenshot editing utility, Markup, allows images to become partially “unedited,” potentially revealing the personal information users chose to hide, as spotted earlier by 9to5Google and Android Police. The vulnerability, which was discovered by reverse engineers Simon Aaarons and David Buchanan, has since been patched by Google but still has widespread implications for the edited screenshots shared prior to the update.

As detailed in a thread Aaarons posted on Twitter, the aptly-named “aCropalypse” flaw makes it possible for someone to partially recover PNG screenshots edited in Markup. That includes scenarios where someone may have used the tool to crop or scribble out their name,…

Continue reading…