New Android Malware and Security Vulnerabilities Discovered

Android firmware malware named "Horse Shell" was discovered in over 200 low-cost Android TV boxes and set-top devices, including models from AllWinner, RockChip, and Amlogic. The malware enables persistent remote access, proxy network creation, and file transfer capabilities. Dell disclosed an actively exploited zero-day vulnerability (CVE-2026-24681) in its SupportAssist software, allowing privilege escalation on Windows systems. Proof-of-concept exploits were publicly released. A security audit revealed that several password managers, including LastPass and 1Password, misrepresented their encryption practices, storing certain metadata in plaintext or using weaker-than-advertised encryption for some data. The findings were published on February 18, 2026.