Android hijacking bug may allow attackers to install password-stealers | Ars Technica: "Roughly half of all Android handsets are vulnerable to a newly discovered hack that in some cases allows attackers to surreptitiously modify or replace seemingly benign apps with malicious ones that steal passwords and other sensitive data."
'via Blog this'