Android app vulnerabilities Archives

AppWizard

August 19, 2024

Google Play ends rewards for Android app bug hunters

Google is set to conclude the Google Play Security Reward Program (GPSRP) on August 31, due to a decline in actionable vulnerabilities being reported, which Google attributes to improvements in Android OS security. The GPSRP, launched in October 2017, incentivized researchers to identify vulnerabilities in popular Android applications on the Google Play Store, expanding over time to include all apps with at least 100 million installations. Through the program, developers earned money for finding security flaws, and it helped over 300,000 developers fix more than 1,000,000 applications, reducing the number of risky apps. The closure of the GPSRP raises concerns about the motivation for security experts to report vulnerabilities responsibly, particularly for apps from companies with weaker bug report management systems.

AppWizard

May 4, 2024

Big Security Alert! Critical Android App Flaws Found, Update Your Phone Now To Protect Your Personal Data

Microsoft's Threat Intelligence Team uncovered vulnerabilities in Android applications with a collective download count exceeding 4 billion, potentially allowing access to sensitive user data through a "dirty stream" attack. Users are advised to keep apps updated, install from trusted sources, and scrutinize app permissions. Microsoft is collaborating with Google to notify developers and prevent similar security issues in the future.