Qualcomm and HackerOne are partnering for a bug bounty program that pays out up to $15,000 for vulnerabilities found in chipsets used in smartphones made by Samsung, LG and HTC.

Google’s November Android Security Bulletin patched 15 critical vulnerabilities, but only a supplemental patch for the Dirty Cow Linux vulnerability.

One year after kicking off monthly Android security updates and Google still is way behind Apple when it comes to patching.

The Quadrooter vulnerabilities made a lot of people take notice because the scale of affected Android devices (more than 900,000) put it on a level with Stagefright and other bugs that impact a large majority of the Android ecosystem. Some details on the four vulnerabilities were publicly disclosed at DEF CON in August by researchers...

Four vulnerabilities found in Qualcomm chips used in 900 million Android devices leave affected phones and tablets open to attacks that could give hackers complete system control. Researchers at Check Point who found the flaw are calling the vulnerability Quadrooter and say that a patch isn’t expected to be available to most users until September....