Android
-
Google sets Sept. 30 deadline for Android developer verification in four countries
Google will start enforcing Android developer verification on Sept. 30 in Brazil, Indonesia, Singapore and Thailand, blocking normal installs of unverified apps on certified devices and raising new concerns for open-source app stores.
-
New Rokarolla Android malware targets banking and crypto apps
A new Android banking trojan called Rokarolla targets 217 banking and cryptocurrency apps, uses 137 commands and can steal credentials, SMS codes and crypto payments, according to a technical analysis by Zimperium’s zLabs.
-
Google patches Gemini flaw that could let poisoned notifications trigger Android actions
Google patched a Gemini on Android flaw that let a poisoned notification influence the assistant, potentially triggering actions from fake messages to smart home controls. SafeBreach said the bug was fixed server-side and no in-the-wild abuse was found.
-
Google adds Android intrusion logging to help investigate spyware attacks
Google introduced an opt-in Android intrusion logging feature for suspected spyware cases. The encrypted logs are stored for 12 months, can be downloaded by users, and are rolling out to devices with the Android 16 December update and later.
-
Mirai-based xlabs_v1 botnet targets Android devices with exposed ADB
A Mirai-derived botnet called xlabs_v1 is targeting Android devices with exposed ADB services, using them for DDoS attacks and bandwidth-based profiling, according to a technical analysis from Hunt.io.
-
Google expands Android binary transparency to verify apps and modules
Google has expanded Android binary transparency for production apps and Mainline modules released after May 1, 2026, adding a public cryptographic ledger meant to confirm that device software matches what was intended to ship.
-
Google rolls out Android developer verification to all developers
Google is rolling out Android developer verification to all developers, with new identity checks for apps distributed outside Google Play. The move starts in four countries in September and expands globally next year.
-
Perseus Android banking malware enables device takeover and note theft
Perseus is a new Android banking trojan delivered through sideloaded IPTV apps that enables Accessibility based device takeover overlay attacks and extraction of notes and credentials, primarily targeting Turkey and Italy.
-
Google issues patches for 129 Android flaws including actively exploited Qualcomm zero day
Google released updates that fix 129 Android vulnerabilities, including an actively exploited zero day in a Qualcomm display component. The bulletin adds two March patch levels and addresses 10 critical flaws that can enable remote code execution.









