Risky Bulletin Risky Bulletin: Supply chain attack plants backdoor on Android tablets
8 snips
Feb 18, 2026 A firmware supply-chain backdoor infecting thousands of Android tablets gets explored. The EU turns off AI features on lawmakers' devices over security and data worries. Reports cover Cellebrite usage against an activist and a Chinese APT exploiting a Dell zero-day. Multiple ransomware, data leak, botnet, and browser zero-day incidents round out the headlines.
AI Snips
Chapters
Transcript
Episode notes
Firmware Supply Chain Backdoor
- A supply chain compromise implanted the Kiandu backdoor in multiple Android tablet firmware.
- The backdoor enabled click fraud, browser hijacks, and unwanted app installs, infecting over 13,000 users since Aug 2023.
Disable Risky AI On Work Devices
- Europe disabled AI features on MPs' work devices over data and security concerns.
- This prevents AI tools from sending sensitive data to cloud servers outside Europe's control.
Phone Exploited During Arrest
- Kenyan activist Boniface Mwangi had his Samsung phone exploited with Cellebrite during an arrest.
- Citizen Lab found traces of the phone‑cracking software and Mwangi plans to run for president in 2027.