It doesn't get much scarier than this. Bluebox Security claimed to have discovered a vulnerability in Android's security model that could allow attackers to convert 99 percent of all applications into Trojan malware. Google has told ZDNet that the hole has been patched and that it has been released to original equipment manufacturers (OEM)s.
Read More Google releases fix to OEMs for Blue Security Android security hole | ZDNet
