Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Google Android Developer Verifier enforcement rollout for verified app installs

Security Tool/Service
First reported
Last updated
Happening score
H score 14
1 unique sources, 1 articles

Summary

Hide ▲

Google is enforcing Android developer verification on September 30, 2026, blocking normal installs of unverified apps on certified Android phones in Brazil, Indonesia, Singapore, and Thailand. The rollout uses the Android Developer Verifier and new related APIs to check developer identity before installation, shifting the installation path toward verified publishers and higher-friction sideloading for everyone else.

Related Happenings

Microsoft 365 Android apps token-sharing flaw (multiple vulnerabilities)

Vulnerability
H score21 First: 03.06.2026 17:56 Last: 03.06.2026 17:56 Sources 1

About this happening: **Microsoft 365 Android apps** were exposed by a leftover **setIsDebugMode(true)** flag that let same-device apps steal account tokens and act as the signed-in user. The flaw coul...

Open Happening

Android Framework code execution and privilege escalation flaw (CVE-2025-48595)

Vulnerability
H score40 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

About this happening: Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...

Open Happening

Google security patch release for CVE-2025-48595

Security Patch Release
H score45 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

About this happening: Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...

Open Happening

BTMOB Android MaaS platform expands low-code phishing payload production

Threat Actor Meta
H score21 First: 29.05.2026 00:10 Last: 29.05.2026 00:10 Sources 1

About this happening: **BTMOB** has been exposed as a **malware-as-a-service** Android trojan with a **builder interface**, making it easier for cybercriminals to mass-produce tailored phishing payload...

Open Happening

BTMOB Android RAT no-code builder malware activity

Malware Activity
H score28 First: 26.05.2026 17:00 Last: 26.05.2026 17:00 Sources 1

About this happening: **BTMOB** is an **Android RAT** sold as **malware-as-a-service** on the **clearweb** and in private **Telegram** channels, with a **no-code APK builder** that generates customized...

Latest development: 29.05.2026 00:10

BTMOB is openly advertised on the clearweb and in private Telegram channels as a malware-as-a-service (MaaS) platform with an APK builder that customizes phishing payloads without coding. The Android RAT targets users mainly in Brazil and Latin America, uses phishing sites masquerading as streaming services, cryptocurrency mining platforms, and Google Play portals, and custom lures have included an Argentinian government agency theme.

Open Happening

Timeline

  1. 22.06.2026 15:45 2 articles · 3h ago

    Google will block unverified Android app installs in four countries

    Initial Disclosure

    Google will enforce Android developer verification on September 30, 2026 in Brazil, Indonesia, Singapore, and Thailand, using the Android Developer Verifier on Android 8 and newer certified devices to confirm that an app is registered to a verified developer before installation. Normal installs of apps from developers who have not registered an identity with Google will be blocked on certified devices, while verified apps will keep installing as before and unverified apps will be pushed to the higher-friction ADB or advanced sideload flow.

    Show sources
    Open in new tab