Latest coverage for Android
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
Vishing, Mishing Go Next-Level With FakeCall Android Malware
A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.
Android malware "FakeCall" now reroutes bank calls to attackers
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead. [...]
Kremlin-Backed Hackers Have New Windows And Android Malware To Foist On Ukrainian Foes
Russia Tied to Ukrainian Military Recruit Malware Targeting
Anti-Mobilization Messaging Lead to Malware-Pushing 'Civil Defense' SitePotential Ukrainian military recruits are being targeted by a "hybrid espionage and information operation" - likely Russian - involving Telegram anti-mobilization messaging and a "Civil Defense" website designed to distribute Windows and Android malware, warns Google's Threat Intelligence Group.
Russia targets Ukrainian conscripts with Windows, Android malware
A hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]
Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense