Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A flaw in the EngageLab SDK exposed 50 million Android users, allowing malicious apps to exploit trusted permissions and ...
9to5Google

Google updates best AI models for coding Android apps, Gemini & GPT 5.4 at the top

The “Android Bench” for ranking AI models used in Android app development has been updated, with OpenAI’s latest model ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.