Android pushes new scam, theft, and AI protections in 2026 update wave
Phone scammers spoofing bank caller IDs have driven an estimated $980 million in annual losses worldwide, according to Europol. Android’s 2026 security roadmap takes …
iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users
Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in …
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source …
Google is turning Android Studio into a policy watchdog
Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such as missing login …
May 2026 Patch Tuesday forecast: AI starts driving security industry changes
Microsoft May 2026 Patch Tuesday is now live: Many fixes, but no zero-days Project Glasswing. This is one of three major security industry changes I’ll cover today. The …
One keypress is all it takes to compromise four AI coding tools
Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The …
Chrome on Android can now hide your exact location from websites
Google is improving location privacy features that give users more control over sharing their location. On Chrome for Android, users can now choose to share their approximate …
Google expands Android Binary Transparency to counter supply chain attacks
Supply chain attacks on mobile software have grown alongside the expanding role of phones in daily life, from payments to government IDs to AI features. Google is responding …
Google to pay up to $1.5 million for zero-click Pixel Titan M exploits
Google has revised its Android and Chrome Vulnerability Reward Programs (VRPs), which pay security researchers to report vulnerabilities in Android, Google hardware, and the …
FIDO Alliance wants to keep AI agents from going rogue on online payments
AI agents are beginning to shop, log in, and complete tasks with little direct input. That shift is pushing the security industry to rethink how trust works when actions are …
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves …
Google brings instant email verification to Android, no OTP needed
Google has introduced cryptographically verified email credentials for Android through the Credential Manager API. This API aligns with the W3C Digital Credential API …
Featured news
Resources
Don't miss
- Sandyaa: Open-source autonomous security bug hunter
- The hidden risk of non-human identities in AI adoption
- Researchers open-source a Wi-Fi cyber range for security training
- Android pushes new scam, theft, and AI protections in 2026 update wave
- Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days