Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio
Some OnePlus devices, if not all, come preinstalled with an application named EngineerMode that can be used to root the device and may be converted into a fully-fledged backdoor by clever attackers.
Google has emailed Android app developers and has informed them of plans to remove all apps that misuse the Accessibility service from the Play Store.
A theoretical attack described by security researchers at the start of September has been integrated into a live malware distribution campaign for the first time.
Google has published this month's Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month.
A bug in the new "Adaptive Icons" feature introduced in Android Oreo has sent thousands of phones into infinite boot loops, forcing some users to reset their devices to factory settings, causing users to lose data along the way.
A Facebook spam campaign is luring users to phishing pages that try to trick targets into handing over Facebook or YouTube credentials.
Google's new Play Protect security system did not survive its first real-world tests, and the system was ranked dead last in an experiment carried out by German antivirus testing lab AV-Test.
Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges.
Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic.
Google has launched a bug bounty program for popular apps available on its Play Store. Dubbed the Play Security Reward Program, the bug bounty will be offered through the HackerOne platform and is not aimed at Google's own Android apps.
Google has removed eight apps from the official Play Store that were infected with the Sockbot Android malware.
A new report released earlier this week estimates that Kotlin will surpass Java as the primary programming language used for Android apps by December 2018.
Like usual, this week has been dominated mostly by small variants that most likely will never make it into distribute. We did, though, see a new CryptoMix and Locky variant released, that are actively distributed. The biggest news was the discovery of a new Android ransomware called DoubleLocker.
A new ransomware targeting Android devices has been spotted in the wild. Codenamed DoubleLocker, the ransomware abuses Android's Accessibility service and reactivates itself every time the user presses the phone's Home button.
There is now an Android app that can search and detect gas pump skimmers based on their Bluetooth fingerprint.
Today Microsoft released Edge for iOS and announced that the Android version will be coming soon. Windows Insiders can get access to the Microsoft Edge preview, which supports transferring content you are reading on your phone to a PC via the "Continue on PC" option.
WhatsApp has the honor of being the most popular app on iOS enterprise devices, but also the most blacklisted app on enterprise networks.
A Google security researcher has published proof-of-concept code for a vulnerability that can be exploited remotely via a WiFi connection to take over iPhone 7 handsets.