Android

Microsoft found an intent redirection vulnerability in EngageLab's Android SDK affecting 50M+ app installs. Crypto wallets with 30M users were at risk.

Kaspersky discovers new SparkCat malware variants on Apple App Store and Google Play that use OCR to steal cryptocurrency wallet recovery phrases from photo galleries.

McAfee discovered NoVoice malware hiding in 50+ Google Play apps, using 22 exploits to root devices and clone WhatsApp sessions. Factory reset won't remove it.

Google's March 2026 Android security update patches 129 vulnerabilities including CVE-2026-21385, a Qualcomm graphics flaw affecting 234 chipsets under active exploitation.

ESET discovers PromptSpy, the first Android malware weaponizing Google's Gemini AI to maintain persistence by analyzing UI and generating real-time tap instructions to stay pinned in recent apps.

Commercial mobile spyware on Telegram offers live surveillance, OTP interception, and crypto theft across Android 5-16 and iOS up to version 26.

Researchers disclose zero-click attack vector on Android where adding a user to a group can trigger malware execution through manipulated media files.

Budget Android TV boxes and tablets ship with backdoors from the factory, turning home networks into criminal infrastructure for ad fraud and proxy services.

Google patches CVE-2026-0628 in first 2026 update. The high-severity bug affects billions of users across Chrome and Android applications.

Massive Android botnet targets set-top boxes and tablets, issued 1.7 billion attack commands in 3 days, briefly surpassing Google in DNS rankings.

New $150/month malware platform allows attackers to create weaponized versions of legitimate Android apps while maintaining full functionality.