Version 5.2.1 of the EngageSDK was released to address security vulnerabilities related to third-party SDKs, particularly affecting digital asset management applications. Although no exploitation of this vulnerability has been reported, developers are urged to upgrade to the latest version. The Android operating system's security model provides some protections against these vulnerabilities, and the Android team has updated user protections during the transition to the secure version. The vulnerability, classified as severe, allows unauthorized access to protected components and sensitive data through intent redirection. Affected applications, particularly in the cryptocurrency and digital wallet sectors, account for over 30 million installations. The vulnerability was first identified in version 4.5.4 of the EngageLab SDK, reported in April 2025, and was addressed in version 5.2.1 released on November 3, 2025, which set the vulnerable activity to non-exported. Developers are advised to regularly review their Android manifests and upgrade to the latest SDK version to maintain application security.
Samsung is discontinuing its native messaging app, "Samsung Messages," on July 6, 2026, and is encouraging users to switch to Google Messages. This change aims to enhance user experience by providing access to advanced features such as Rich Communication Services (RCS) and AI-powered tools. Google Messages is already the default messaging app on many newer Galaxy smartphones. Local network providers will verify users' device information and phone numbers to enable Google services. Users can download Google Messages from the Google Play Store and set it as their default messaging app by following the provided prompts.
Samsung Electronics has announced the discontinuation of the Samsung Messages app, with support ceasing in July 2026. Users are encouraged to migrate to Google Messages, which will become the default messaging platform for Samsung Galaxy devices operating on Android 12 or newer. Devices running Android 11 or older will not be affected at this time. After July 2026, Samsung Messages will no longer send or receive texts, except for emergency contacts. Users can download Google Messages from the Google Play Store and set it as their default messaging app. Other messaging app options are available for users who prefer alternatives. Older Samsung Galaxy watches running Tizen OS will not support Google Messages after the transition, but will still allow text message functionality. RCS messaging, integrated into Google Messages, enhances the texting experience with features like read receipts and high-quality media sharing, whereas SMS is limited to basic text messaging.
Samsung has introduced an experimental feature called "auto-spatialization" for its Galaxy XR headsets, which transforms standard 2D applications, websites, images, and videos into immersive 3D experiences. The feature supports content with a resolution of up to 1080p at 30 frames per second, may consume more battery power, and is limited to the app window currently in focus. Additionally, Google has announced enhancements for the Galaxy XR platform, including the ability to pin apps to virtual walls, visibility of real hands in home space mode, seamless transition back to previously used apps, and over 100 apps optimized for XR available in the Google Play Store.
Samsung's Good Lock app allows users to personalize their devices, including a feature that enables different fingerprints to launch specific applications. Users can register multiple fingerprints and assign unique actions to each, such as opening Instagram with a left thumb or the Notes app with a right index finger. To set this up, users must download the Good Lock app, register their fingerprints, and use the Routines+ plugin to create routines that define actions for each fingerprint. This feature enhances convenience and productivity by providing quick access to frequently used apps and tasks.
Samsung's Hearapy app addresses motion sickness by using sound to alleviate symptoms. It is based on a study from Nagoya University that found exposure to a 100Hz tone for one minute can reduce motion sickness. The app emits a 100 Hz bass sine wave at 80-85dB through earphones, engaging the vestibular system to override conflicting sensory signals. Listening for 60 seconds can provide about two hours of relief. The app is available on the Google Play Store and works with any Android device. For optimal results, users should listen at a high volume, and Samsung recommends using Galaxy Buds 4 Pro for best sound quality. Other compatible options include the Soundpeats H3 and Bose QuietComfort Ultra 2. The Puro Sound Labs PuroPro is suggested for younger users due to its volume limit.
Recent findings from McAfee have revealed a malware campaign named Operation NoVoice that has infiltrated over 50 applications on the Google Play Store, which collectively received over 2.3 million downloads before being removed. The malware uses a rootkit attack strategy to gain administrator-level control of Android devices while remaining undetected. Affected apps appeared benign, performing tasks like cleaning files or managing photos, but were secretly communicating with a remote server to send device information. This allowed attackers to deploy custom exploit code, achieving root-level access and posing significant security risks. The malware persists even after factory resets, potentially requiring firmware reinstallation for complete removal. Users with older or unpatched Android versions are at greater risk, as well as anyone who downloaded the compromised apps.
A new malware threat called "NoVoice" has been found in over 50 applications on the Google Play Store, with 2.3 million installations on Android devices. Discovered by McAfee, this malware is hidden in seemingly harmless apps like system cleaners, games, and image galleries. It exploits Android vulnerabilities to gain root access, potentially allowing attackers to steal sensitive information and manipulate applications without user consent. In some cases, it may persist even after a factory reset. Google has stated that Android devices updated since May 2021 are protected against this threat and that Google Play Protect actively removes malicious apps and blocks new installations. The malware was not able to infect devices in Beijing and Shenzhen, suggesting the attackers may be avoiding local law enforcement. One identified app carrying the NoVoice payload is SwiftClean, developed by Biodun Popoola. The malware operates using a silent audio file, executing its code without user detection. Users are advised to download apps only from the Google Play Store and keep their devices updated.
