Patch Round‑Up: Android fixes aim at WebView, Bluetooth flaws

Today’s security bulletin addresses multiple high‑severity bugs affecting WebView and Bluetooth stacks. Update promptly; several issues allow privilege escalation after a crafted page or packet.

Updated •Editor’s Desk

PatchesWebViewBluetooth

Run a Device Safety Check Harden Your Phone

Breach Briefings

Banking trojan

New dropper mimics PDF viewer; steals SMS codes

Malware posing as a document app asks for Accessibility and Notification access. Deny both; uninstall if prompted.

1 min read•Field Notes

App store sweep

Cloned utilities share identical SDK trackers

Multiple flashlight and cleaner apps upload device fingerprints on launch. Prefer first‑party tools; read permissions.

2 min read•Reporter Desk

Phishing kit

Full‑screen overlays target banking apps

Overlays request Accessibility to intercept inputs. Audit apps with this permission and remove unknown ones.

2 min read•Lab Watch

Hardening How‑To

Settings

Lock down permissions in 3 screens

Settings → Privacy → Permission manager.
Limit camera, mic, location to While in use.
Review Accessibility: only assistive apps should remain.

Browser

Reduce tracking in mobile Chrome

Enable Enhanced Safe Browsing and block third‑party cookies.
Turn on HTTPS‑Only mode; clear site data for unknown sites.

Protection

Add a reputable security layer

Anti‑phishing, malicious site blocking, and breach alerts can catch what manual checks miss.

Run a Trusted Scan