Amazon said it will halt sale of popular low-cost Android phones made by Blu Products because of reports software on the phone is collecting and sharing user data without owner consent.

The authors behind the Android banking malware family Svpeng have added a keylogger to a recent strain, giving attackers yet another way to steal sensitive data.

Google’s top Android engineer describes how the attack surface is shrinking on the mobile operating system.

Spyware called Adups found on millions of low-end phones is still collecting personal identifiable information of users despite public outcry.

Apple released iOS 10.3.3 Wednesday that serves as a cumulative patch update for multiple vulnerabilities including the high-profile BroadPwn bug.

Google has a new machine-learning algorithm it uses to compare new apps to known secure apps, improving the way it classifies submissions to Google Play.

Avanti Markets notified customers of a possible breach of personal and payment card data as well as biometric user information that likely occurred July 4.

Over the course of two months last year the Copycat malware infected 14 million Android devices and rooted more than half of them, roughly eight million devices.

The July Android Security Bulletin patches 11 critical remote-code execution bugs including one dubbed ‘Broadpwn’ that impacts both Android and iOS devices.

Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab’s latest report, WannaCry hitting Honda, GhostHook, and Fireball.