The team’s AI agent captured root privileges on the newly released Samsung S26 smartphone with Exynos 2600, marking the first post‑One UI 8 bootloader‑lock exploit, and demonstrated the vulnerability via a command‑wrapper app that runs entirely in the application context.
A hacker known as xone9to1 posted on a dark‑web forum a so‑called “Zero‑click RAT” that can silently infect iPhone 17 (iOS 26.2) and Android 16, offering real‑time camera, microphone, wallet theft, and remote control capabilities, while experts debate its authenticity and advise urgent security updates.
In 2025 Google’s Vulnerability Reward Program paid $17.1 million—40% more than the previous year—bringing the 15‑year cumulative bounty to $81.6 million, with major payouts to Chrome, Cloud, AI, Android and other product teams.
An in‑depth analysis reveals that the Bean Bag AI phone avoids Android’s Accessibility Service by directly reading GPU buffers and injecting input events via hidden system APIs, runs a headless virtual screen, streams low‑resolution frames to the cloud for inference, and raises significant privacy and security concerns.
RAPID7 revealed a critical CVE‑2025‑10184 flaw in OnePlus’s OxygenOS that lets any app silently read SMS/MMS without user consent, affecting versions 12‑15, and disclosed details after the vendor failed to respond, highlighting severe risks to account security and privacy.
This article explores the challenges of memory safety in Android, explains the design and core mechanisms of ARM's Memory Tagging Extension (MTE), and details its hardware, compiler, kernel, and user‑space implementations, deployment options, and advantages over other memory‑protection techniques.
Android’s Shadow Call Stack (SCS), silently enabled since Android R on AArch64 devices, stores return addresses in a protected register‑based stack separate from the regular stack, complementing stack canaries and requiring hardware support, while developers can activate it via -fsanitize=shadow-call-stack and avoid using X18 elsewhere.
This article explains Android's Shadow Call Stack (SCS) security mechanism, its hardware dependencies, enabling methods, and how it protects return addresses on AArch64 kernels, illustrated with code examples and real‑world deployment results.
The 2022 XDef‑OPPO Security Salon in Chengdu gathered industry experts to discuss system‑level 3D defense, DOS attacks on data storage, Bluetooth memory flaws, cross‑device information flow, and Android hybrid security, offering deep insights and practical solutions for modern endpoint protection.
This article compiles a thorough list of Android security testing resources, covering online analysis platforms, static and dynamic analysis utilities, vulnerability scanners, reverse‑engineering tools, fuzzers, app‑repackaging detectors, market crawlers, miscellaneous aids, and references to academic publications and bug‑bounty programs.
This article reveals how Google secretly harvests Android Messages and call data, outlines the new privacy‑focused changes, showcases GNOME 42’s major UI and performance upgrades, and details the Lapsus$ breach involving a teenage mastermind that exposed Microsoft, Nvidia and Samsung source code.
The article reveals that Android’s Activity mReferrer field, derived from Context.getBasePackageName(), can be forged by overriding getBasePackageName(), outlines its data flow from ActivityTaskManagerService to Activity.attach, and recommends using the immutable UID via Binder.getCallingUid() for reliable source verification.
This article examines the challenges of implementing fingerprint‑based payment on Android, explains why early Android versions lacked a unified API, describes how Google’s FingerprintManager and TEE improve security, and details Tencent’s open‑source SOTER framework—including its key hierarchy, authentication flow, and integration steps—for building robust, low‑overhead biometric payment solutions.
This article enumerates the typical traps encountered while developing an Android APK protection solution—such as signature verification, JNI library stripping, smali injection limits, magic‑number manipulation, and post‑obfuscation safeguards—and offers practical mitigation strategies for each.
Based on Alibaba security data from January to August 2016, an analysis of 240 popular Android apps across 16 industry categories found that 83% had counterfeit versions, totaling 8,267 fake apps that infected 67.9 million devices, with social networking apps leading the fraud landscape.
AV‑Test’s May 2023 Android security assessment crowned Baidu Mobile Security’s antivirus engine with a flawless 100% detection rate, zero false positives, and full performance scores, marking its fourth consecutive top ranking while highlighting the role of big‑data analytics in combating emerging mobile threats.
