
Android Apps Are Leaking Your Account Tokens—How to Protect Yourself


What Android token vulnerabilities are and why they matter

An Android token vulnerability is a flaw in how an app stores, shares, or protects authentication tokens, allowing other apps or attackers to intercept those tokens and silently act as the victim without re-entering passwords or passing normal security checks. In plain terms, your login session can be stolen instead of your password, and the attacker may read email, open cloud files, or access AI tools while everything looks normal to you. These recent issues highlight how account authentication security can fail in different ways: a development flag left on in major productivity apps, and a supply chain attack hiding inside a popular developer tool and Android app. Because many tokens are long‑lived refresh tokens, a single leak can lead to long‑term account compromise unless users and IT teams respond quickly.

Microsoft 365 Android token flaw: how a debug flag exposed your account

Researchers at Enclave discovered that several Microsoft 365 Android apps shipped with a debug setting that disabled checks intended to keep tokens within trusted Microsoft apps. With setIsDebugMode(true) left active in a shared SDK, Word, Excel, PowerPoint, OneNote, Microsoft Loop, and Microsoft 365 Copilot would hand over FOCI (Family of Client IDs) refresh tokens to any other app on the same device that asked. Those tokens enable cross‑app single sign‑on, so stealing one could grant silent access to email, documents, calendar data, and messages with no password, login screen, or visible permission prompt. Enclave built a proof‑of‑concept third‑party app that pulled the tokens and then used them to read mailbox contents. Microsoft has released a Microsoft 365 Android patch, issued multiple CVEs, and stated that Teams was not affected, but the fix only takes effect once users install the updated apps.


OpenAI Codex token theft through npm and Android apps

Developers using OpenAI Codex faced a different Android token vulnerability through a malicious supply chain attack tied to the codexui-android npm package. The package appeared legitimate, attracted over 29,000 weekly downloads, and its GitHub repository looked clean, but later versions quietly extracted Codex credentials from the ~/.codex/auth.json file. According to Aikido Security researcher Charlie Eriksen, “for the past month, every single invocation has been quietly exfiltrating your Codex authentication tokens to an attacker-controlled server.” The stolen data included the access_token, refresh_token, id_token, and account ID, sent to sentry.anyclaw.store, which mimicked a monitoring service. The same malicious chain also reached users through Android apps such as OpenClaw Codex Claude AI Agent and Codex, which downloaded and ran the npm package within a sandbox, then shipped the in‑app Codex OAuth blob to the attacker once the user signed in.


Actions for individual users: updates, checks, and safer habits

If you use Microsoft 365 Android apps, open the Play Store and update Word, Excel, PowerPoint, OneNote, Microsoft Loop, and Microsoft 365 Copilot immediately to ensure the token flaw is patched. Then review your Microsoft account activity for unfamiliar sign‑ins, unusual email access, or file actions, and revoke suspicious sessions. For OpenAI Codex, uninstall the codexui-android npm package if you used it, remove related Android apps like OpenClaw Codex Claude AI Agent or Codex, and rotate your Codex credentials, including any tokens stored in ~/.codex/auth.json. Treat that file like a password: do not share, commit, or copy it into support tickets. Enable multi‑factor authentication everywhere you can; it will not stop token theft, but it limits some follow‑on abuse and improves overall account authentication security across your services and apps.

What IT and security teams should do now

IT teams managing enterprise Android deployments should treat these incidents as a prompt to review both mobile governance and token exposure. First, inventory all Android devices using Microsoft 365 apps and confirm that the latest Microsoft 365 Android patch level is installed for Word, Excel, PowerPoint, OneNote, Microsoft Loop, and Copilot. Use MDM or EMM tools to enforce minimum versions and block outdated builds from signing in. Next, audit sign‑in and access logs for abnormal activity tied to FOCI tokens, such as access from unusual apps or device IDs. For developer environments, scan for codexui-android usage, remove it, and rotate any OpenAI Codex tokens that may have been stored on compromised systems or in Android test devices. Finally, update your secure coding policies to include explicit checks for leftover debug flags, token‑sharing logic, and third‑party supply chain risks in Android apps.
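As an added example (not code from this article, Microsoft, OpenAI, or Aikido), the following Python scanner automates two of the audit steps above: it walks a checkout or developer workstation and reports any npm manifest or lockfile that pulls in codexui-android, and any Kotlin/Java source line that leaves setIsDebugMode(true) enabled. The sample directory it builds and the `authSdk` receiver in the sample source are constructed for the demonstration.

```python
import json
import re
import tempfile
from pathlib import Path

SUSPECT_PACKAGE = "codexui-android"  # malicious npm package named in the article
DEBUG_FLAG = re.compile(r"\bsetIsDebugMode\s*\(\s*true\s*\)")  # SDK debug flag left on
MANIFESTS = {"package.json", "package-lock.json"}
SOURCE_SUFFIXES = {".kt", ".java"}

def manifest_findings(path: Path) -> list[str]:
    """Flag the package wherever it is a dict key (package.json deps, lockfile v1/v2/v3 entries)."""
    try:
        data = json.loads(path.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return []  # unreadable or not JSON: nothing to report
    hits: list[str] = []
    def walk(node):
        if isinstance(node, dict):
            for key, value in node.items():
                if key == SUSPECT_PACKAGE or key.endswith("/" + SUSPECT_PACKAGE):
                    hits.append(f"{path.name}: depends on {SUSPECT_PACKAGE} ('{key}')")
                walk(value)
    walk(data)
    return hits

def source_findings(path: Path) -> list[str]:
    """Flag every Kotlin/Java line that switches the auth SDK into debug mode."""
    lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
    return [f"{path.name}:{n}: setIsDebugMode(true) left enabled"
            for n, line in enumerate(lines, 1) if DEBUG_FLAG.search(line)]

def scan(root: Path) -> list[str]:
    """Walk a checkout or workstation tree and collect both indicator types, sorted."""
    findings: list[str] = []
    for path in (p for p in root.rglob("*") if p.is_file()):
        if path.name in MANIFESTS:
            findings.extend(manifest_findings(path))
        elif path.suffix in SOURCE_SUFFIXES:
            findings.extend(source_findings(path))
    return sorted(findings)

def demo() -> list[str]:
    """Constructed sample tree; 'authSdk' is a made-up receiver for the flag call."""
    root = Path(tempfile.mkdtemp())
    (root / "package-lock.json").write_text(json.dumps({"lockfileVersion": 3, "packages": {
        "": {"dependencies": {SUSPECT_PACKAGE: "^1.0.0"}}, f"node_modules/{SUSPECT_PACKAGE}": {}}}))
    (root / "Auth.kt").write_text("authSdk.setIsDebugMode(true)\n")  # should be flagged
    (root / "Release.kt").write_text("authSdk.setIsDebugMode(false)\n")  # should stay clean
    return scan(root)
```

Run `scan(Path("/path/to/checkout"))` against real trees; the lockfile check catches the package even when it arrives as a transitive dependency rather than a direct one.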

