Security News

Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports. The list of in-scope apps includes Google Play Services, the Android Google Search app, Google Cloud, and Gmail.

A new Android backdoor malware named 'Wpeeper' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads. Wpeeper stands out for its novel use of compromised WordPress sites to act as relays for its actual command and control servers, acting as an evasion mechanism.

Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten user's security. In addition to blocking nearly 2.3 million apps and suspending 333,000 offending publishers, Google has rejected or remediated 200,000 app submissions requesting access to risky permissions such as SMS content and background location data without a good reason.

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and...

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. Brokewell is under active development and features a mix of extensive device takeover and remote control capabilities.

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is...

A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. The method enables SoumniBot to evade standard security measures found in Android phones and perform info-stealing operations.

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites...

Google is rolling out an upgraded Find My Device network to Android devices in the United States and Canada, almost one year after it was first unveiled during the Google I/O 2023 conference in May. Users with Android 9 or later can now use the Find My Device application to locate their phones and tablets-even when offline or with dead batteries, if they're Pixel 8 and 8 Pro devices). The newly upgraded Find My Device network utilizes the Bluetooth proximity of over one billion active Android devices to help locate lost phones and tablets.

Explore the best password managers for Android devices that offer secure storage and easy access to your passwords. Find out which one suits your needs best.