Security news aggregator

Latest coverage for Android

Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.

1167 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.

Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 1167 Filtered view

The European Commission on Thursday ordered Google to give rival AI assistants the same reach into Android that Gemini already has: the camera, the microphone, whatever is on screen, a wake word that fires with the display off, and the ability to drive other apps in the background by imitating taps and typing

EU Forces Google to Give Rival AI Services Android Access and to Share Search DataGoogle sounded security alarms after the European Commission ordered it to open up deep Android functionality to rival artificial intelligence providers, and also to give third-party search providers access to Google Search data. The orders enforce the Digital Markets Act.

RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium’s zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription service through Telegram, with links to Russian threat actors and apparent roots in the Oblivion malware family. It comes with documentation, tutorial videos, a referral […]

Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher. A newly disclosed Linux kernel vulnerability, named Bad Epoll (CVE-2026-46242), allows a local attacker with no special privileges to gain full root access on affected Linux systems and Android devices. Security updates are […]

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both Windows and Android devices

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have been tracking a new malware family, called RustDuck, that hijacks routers, cameras, Android set-top boxes, and exposed servers, then uses them to flood targets with junk […]

For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a "residential proxy" provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR].

Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure. It spreads through malicious websites masquerading as TikTok and Chrome, one confirmed distribution point being […]

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Loading more headlines...