#Android
14 stories taggedAndroid.

Free Android VPNs Are Leaking Your Traffic, Study of 281 Apps Finds
Researchers tested the most popular free VPN apps on Google Play. Many fail at the one job they promise: keeping your internet activity private.

RedWing: The Rent-a-Fraud Kit Turning Android Phones Into Bank Robberies
A new Android malware sold on Telegram lets almost anyone hijack a victim's phone, steal banking logins and grab the codes meant to keep accounts safe.

Google and FBI cut off NetNut, a two-million-device botnet hidden inside smart TVs
The residential proxy service let hundreds of criminal and spy groups route attacks through ordinary homes.

Google Patches Fifth Chrome Zero-Day of 2022 as Hackers Actively Exploit the Flaw
A flaw in how Chrome handles a mobile-linking feature is being weaponised in real attacks. It's the fifth time this year Google has had to rush out an emergency fix for its browser.

Google loses final EU appeal, must pay €4.1 billion Android fine
The bloc's top court has ended a seven-year fight over how Google used Android to push its search engine and Chrome browser onto phones.

Samsung KNOX Use-After-Free Bug Sat in Galaxy Devices for Eight Years Before Patch
A high-severity kernel-level flaw in Samsung's KNOX security framework affected Galaxy handsets from the S9 through the S25 — a product window spanning nearly a decade.

Android's Identity Wall Goes Up Sept. 30, 2026 — Starting With Four Countries
Brazil, Indonesia, Singapore and Thailand are the first markets where unverified developers lose the right to install apps on certified Android devices, sideload or not.

The Popa Botnet: When Your $40 Streaming Box Moonlights as a Residential Proxy
Researchers tie a four-year-old Android TV box botnet to NetNut, the residential proxy arm of NASDAQ-listed Alarum Technologies. The company disputes the framing.

Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Researchers at Zimperium's zLabs catalogued 137 remote commands in the new malware, including PIN capture and clipboard hijacking against crypto wallets.

Asin Android Spyware Surfaces in Arabic-Language Lures, ESET Says
ESET ties early-2025 campaigns to decoy sites posing as utilities, war-tracking tools and a fake government news portal.

A Debug Flag Shipped to Prod Turned M365 Android Apps Into a Token Buffet
Any sideloaded app on the same phone could ask for the signed-in user's Microsoft token and get it. No prompt. No password. Just IPC.

A Single Notification Could Hijack Gemini on Android
Researchers showed how a poisoned WhatsApp, Slack or SMS alert could weaponize Google's voice assistant — no malicious app required.

Android June 2026 Bulletin: 124 Fixes, One Framework Bug Already Being Exploited
CVE-2025-48595 is a no-interaction privilege escalation in the Android Framework. Google says it's seen in the wild.

A Dev Flag Left Microsoft Account Tokens Exposed Across Billions of Android Installs
A single misconfigured development setting bypassed token-protection controls in Microsoft's Android apps. The blast radius was massive.