Technology

Android fixes 129 security flaws in major phone update

Published

23 hours ago

March 10, 2026

Android fixes 129 security flaws in major phone update

NEWYou can now listen to Fox News articles!

Most people never think about Android security updates until a headline like this appears. Suddenly, your phone, the device you use for messages, banking, photos and work, becomes part of a global cybersecurity story.

That is exactly what happened this week. Google released its latest Android security updates, and they fix a massive 129 vulnerabilities. Even more concerning, one of them is already being exploited by attackers.

The flaw targets a component connected to Qualcomm graphics hardware, and researchers say it has already been used in limited targeted attacks. If you use an Android phone, this is the kind of update you want installed as soon as possible.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter

GOOGLE DISMANTLES 9M-DEVICE ANDROID HIJACK NETWORK

Google’s March Android security update fixes 129 vulnerabilities, including a zero-day flaw already exploited in targeted attacks. (Firdous Nazir/NurPhoto via Getty Images)

Android security flaw already targeted by attackers

One vulnerability in particular has security researchers paying close attention. The flaw is tracked as CVE-2026-21385. Google says there are signs it is already being used in targeted attacks. That makes it a zero-day vulnerability.

In simple terms, attackers discovered the flaw before many devices received a fix. According to Qualcomm, the problem is tied to the graphics processing component inside many of its chipsets. Specifically, the issue involves something called an integer overflow. That technical term means a calculation error can cause memory corruption inside the system. Once that happens, attackers may gain a foothold on the device.

Qualcomm says the flaw impacts 235 different chipsets, which means a large number of Android phones could be affected. Google’s Threat Analysis Group discovered the issue and reported it through coordinated disclosure practices. Qualcomm then worked with device makers to release patches.

Why the Android security vulnerability is dangerous

Several of the patched vulnerabilities allow attackers to execute code remotely or gain elevated privileges on a device. One issue inside the Android System component is especially concerning. Google says it could allow remote code execution without any user interaction.

That means an attacker may exploit the flaw without the victim tapping a link or installing an app. In cybersecurity terms, that type of vulnerability ranks among the most dangerous.

The March Android bulletin addresses ten critical flaws across the System, Framework and Kernel components. These parts sit at the core of Android, so any weakness there can ripple across millions of devices.

ANDROID MALWARE HIDDEN IN FAKE ANTIVIRUS APP

Android users are urged to install the latest security patch as manufacturers roll out updates across devices. (Barrington Coombs/PA Images via Getty Images)

Why some Android phones get security updates faster

Google released two patch levels for this update:

2026-03-01 security patch level
2026-03-05 security patch level

The second update includes everything in the first, plus fixes for additional hardware components and third-party software. Google Pixel devices typically receive updates immediately. However, many Android users must wait longer.

Phone manufacturers such as Samsung, Motorola and OnePlus often test the patches before releasing them for specific models. Carriers may also delay updates while they verify compatibility. As a result, some users receive security patches quickly while others wait weeks.

How to protect your Android phone from security threats

Security vulnerabilities are a reality in modern software. The good news is that there are several simple steps that can greatly reduce your risk.

1) Install Android updates quickly

Check for updates regularly and install them as soon as they appear. On most devices, go to Settings, tap Security and privacy or Software update, then select Check for updates and install the latest version if one is available. Security updates often fix vulnerabilities that attackers may already be trying to exploit.

2) Avoid apps from unknown sources

Only download apps from trusted stores like Google Play. Third-party app stores pose a higher risk of malware.

3) Keep Google Play Protect enabled

Google Play Protect, which is built-in malware protection for Android devices, scans apps for malicious behavior and warns you if something suspicious appears. It also automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn’t 100% foolproof at removing all known malware from Android devices. Therefore, we recommend strong antivirus software because it adds another layer of protection by using deeper threat detection, real-time monitoring and broader malware databases that can catch suspicious apps or files that Google Play Protect may overlook. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

4) Use strong device security

Set a strong passcode on your phone and turn on fingerprint or face unlock if your device supports it. This helps keep strangers out of your phone if it is lost or stolen.

5) Be cautious with suspicious links

Many attacks still start with phishing messages. Avoid tapping unknown links in texts, emails, or social media messages.

YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT

A critical Android zero-day tied to Qualcomm chipsets could allow attackers to gain a foothold on affected devices. (Donato Fasano/Getty Images)

The bigger picture behind Android security updates

This Android update also highlights how modern mobile security works behind the scenes. Google’s Threat Analysis Group frequently discovers vulnerabilities that may already be used in real-world attacks. Those findings trigger coordinated responses involving chip manufacturers, phone makers and security researchers. In this case, Qualcomm received the report in December and provided fixes to device makers in early 2026.

By the time the public bulletin arrived, patches were already moving through the Android ecosystem. The process may look slow from the outside. In reality, it involves dozens of companies working together to prevent widespread exploitation.

Kurt’s key takeaways

Security updates rarely feel exciting. Yet they play a critical role in protecting billions of smartphones around the world. This latest Android update proves that point clearly. A zero-day flaw tied to Qualcomm graphics hardware was already being targeted before many users even knew it existed. Installing updates quickly remains one of the simplest ways to protect your device and your personal data. Most of the time, the update only takes a few minutes. Those few minutes can block attacks that might otherwise compromise your phone. So the next time your Android device prompts you to install a security patch, the better question may be this:

When your phone asks for a security update, do you install it immediately or tap remind me later? Let us know by writing to us at Cyberguy.com

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Related Topics:Android Featured Security software

Click to comment

Technology

How the spiraling Iran conflict could affect data centers and electricity costs

Published

10 hours ago

March 11, 2026

Press Room

How the spiraling Iran conflict could affect data centers and electricity costs

Soon after the Trump administration launched its war on Iran, I called up Reed Blakemore, director of research and programs at the Atlantic Council Global Energy Center, to talk about the consequences. While oil and gas prices were already on the rise, there was still more hope then that the impact of the conflict might be short-lived. At the end of our conversation, Blakemore said plainly: “Let’s have a call again [next week] … We’ll have a much clearer picture of what the conflict is going to look like and what the story really is going to be for energy moving forward.”

Energy infrastructure has become a key leverage point in the unfolding war

It’s a week later and the conflict has only escalated since the US and Israel launched strikes against Iran, killing Supreme Leader Ayatollah Ali Khamenei. Energy infrastructure has become a key leverage point in the unfolding war, with Israel hitting Iranian fuel depots and Iran targeting Gulf neighbors’ oil and gas infrastructure in its own strikes. Iran’s paramilitary Revolutionary Guard threatened on Tuesday not to “not allow the export of even a single liter of oil from the region to the hostile side and its partners until further notice.” Iran has reportedly also started to lay mines in the strategic Strait of Hormuz, through which one-fifth of global petroleum consumption and liquefied natural gas (LNG) trade used to move.

I talked to Blakemore again today about what Iran’s continued chokehold on the Strait of Hormuz means for energy costs and US tech companies’ rush to build out energy-hungry AI data centers.

This interview has been edited for length and clarity.

What’s your outlook now on how the conflict is likely to affect oil and gasoline prices?

Reed Blakemore: The fundamental issue right now, in terms of the energy implications of the conflict, is how the market is reacting to the uncertainty around safe passage through the Strait of Hormuz.

At the outset of the conflict when we saw insurance premiums going up for these ships, we were largely talking about it in the context of, Hey, it’s just gotten much more expensive for a ship to traverse the Gulf and therefore they’re staying out.

We’ve moved from that to actual concerns around the security of passing through the straits in the first place, so this is no longer an insurance cost issue as much as it is a safety and security issue.

We have virtually no traffic passing through the Strait of Hormuz. A lot of countries are beginning to shut in production. So there’s already this ripple effect emerging purely because the market and basically tankers are fundamentally concerned about whether or not they will be able to safely pass through the strait.

“There’s only so much that US energy dominance can do to shield US consumers”

The other feature that I think we’ve seen the market react strongly to in the past several days is a sense of how long this conflict is going to last. And I think you can look to the comments from the president in the last 72 hours and the market’s reaction as a major piece of evidence to that end. Moving into the weekend where the campaign had clearly escalated, the uncertainty around how open the Strait of Hormuz would or wouldn’t be was beginning to reach a fever pitch. The response from markets when they opened in Asia on Sunday going past $100 a barrel to nearly $120 a barrel is really a function of the market not having a sense that this would be over anytime soon. That pullback that we saw over the course of yesterday was in response to the president saying fundamentally that Hey, we have an end in sight to this conflict.

The United States is a major oil producer. I think the strategy of US energy dominance played a significant role in terms of shielding US consumers from the initial market consequences of the decision to go to war with Iran. The price increases we’ve seen thus far would have been much more responsive to the market volatility. That has bought the administration a little bit of time as it relates to how long until we see the gasoline prices really begin to pick up steam domestically. But as this conflict persists and the volatility in the market continues, we will begin to see upward pressure on gasoline prices, regrettably, over time.

There’s only so much that US energy dominance can do to shield US consumers from what is a globally traded market in terms of oil. Because the United States is a major domestic oil producer, it has the ability to put some downward pressure on its own gasoline prices.

But because via its oil exports it participates in a global market, it has that exposure to global oil market volatility.

Can we expect electricity prices to go up also? Why?

For the United States, the gas story is a little bit better, but not immune from the global market as well. Natural gas is largely regionally traded within the United States. The US is a major producer of natural gas for domestic consumption in a way that further insulates it. That makes the case of the United States much different than the gas price sensitivity we’re seeing in Europe or in Japan or other parts of East Asia.

The problem is similar to the oil story because the United States is a major LNG exporter. As natural gas prices increase elsewhere, LNG exporters will be incentivized to export more gas because that’s where the arbitrage opportunity is, and that will create the upward price pressure domestically in the United States.

What risks does that pose to tech companies and this push to build out more AI data centers and related energy infrastructure?

In the United States, the majority of the data center buildout has begun to be powered by natural gas. We’re not going to see electricity prices reach a crisis point in the United States in the short term because of this conflict. The time horizon that we’re talking about with gas and therefore electricity prices is likely in the time horizon of months rather than weeks you’d expect with oil.

However, the longer this conflict lasts and the more tightness we see in the global gas market — that will eventually permeate the United States and create that upward pressure on gas prices in a way which then affects electricity prices and then that brings the data center question into play.

I think the unique thing is it doesn’t necessarily affect the ability of data centers to purchase energy. Electricity costs are a relatively marginal proportion of the cost of building and operating a data center. What it does do is it only further inflames the energy affordability challenges that are currently deteriorating social license in the country for data centers. So the impact on electricity prices likely won’t directly harm data center buildout. The ancillary affordability challenges it will create will further entrench popular discontent with data center buildout, because data centers are simply making consumer electricity bills much more expensive.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Justine Calma

Technology

Burger King AI listens to workers

Published

11 hours ago

March 11, 2026

Press Room

NEWYou can now listen to Fox News articles!

The next time you pull up to the drive-thru at Burger King, you may notice something different. The greeting might sound warmer. The thank you might feel extra intentional. That could be Patty. The company is expanding a new AI-powered assistant that listens to employee headset interactions and tracks how staff speak with customers. The goal, according to executives, is simple. Create friendlier restaurants and smoother operations. But the rollout raises a bigger question. When does coaching become monitoring?

BURGER KING MAKES CHANGES TO SIGNATURE WHOPPER FOR FIRST TIME IN NEARLY A DECADE

Burger King is rolling out an AI assistant named Patty to monitor employee drive-thru greetings and track customer interactions. (Eva Marie Uzcategui/Bloomberg via Getty Images)

What is Burger King’s Patty AI assistant and how does it work?

Burger King’s Patty AI assistant runs on technology from OpenAI. In practice, it listens for key phrases such as “Welcome to Burger King,” “Please” and “Thank you.” It then compiles that information into reports so managers can measure how consistently staff use polite language. Although company leaders say it is not recording every conversation, they frame it as a coaching tool designed to reinforce service standards.

Beyond tracking manners, Patty also supports daily operations. For example, it can answer questions about how many bacon strips go on a sandwich or how to clean specific equipment. In addition, it flags inventory shortages and alerts managers when machines stop working. It even tracks how often employees tell customers an item is unavailable, which can highlight supply gaps.

As a result, that data has already influenced menu decisions, including the return of apple pie after its removal in 2020. Taken together, Patty functions as a manners coach, kitchen assistant and data analyst rolled into one.

From pilot program to nationwide push

Burger King began testing Patty at about 100 U.S. locations last year. Now the company plans to expand to roughly 500 stores, with a goal of rolling it out nationwide by year’s end.

And Burger King is not alone. Rivals like Wendy’s, Taco Bell, McDonald’s, Pizza Hut and KFC have all tested AI in some form. Some experiments focused on automated ordering. Others used AI to streamline drive-thru operations.

Results have been mixed. Customers have praised the faster service. They have also complained about glitches and awkward robotic interactions. Burger King’s version stands out because it focuses on employee behavior, not just customer convenience.

TACO BELL TOPS NEW DRIVE-THRU SPEED RANKINGS, AND CHICK-FIL-A WINS ON SATISFACTION

Fast-food chains are increasingly turning to artificial intelligence to streamline service and boost efficiency. (Jeffrey Greenberg/Universal Images Group via Getty Images)

Coaching tool or digital hall monitor?

Burger King says Patty exists to help managers coach teams and improve hospitality. Executives argue that customers want a warmer experience. Data simply helps restaurants measure it.

Yet social media reaction tells a different story. Some critics say constant monitoring creates pressure. They worry about employees having a bad day and getting flagged for forgetting a single word. Others describe it as surveillance disguised as support.

This tension reflects a larger trend in the workplace. AI increasingly measures performance in warehouses, offices and retail counters. Now it is moving into fast-food headsets. The real debate is not about politeness. It is about power.

The bigger AI trend in fast food

Fast-food chains operate on razor-thin margins. Small efficiency gains matter. If AI reduces waste, speeds up service and improves customer satisfaction, companies will keep investing. At the same time, public opinion matters. Customers say they value authenticity. Employees want fair treatment. The companies that succeed will need to balance both.

FAST-FOOD RESTAURANTS USING NEW TECHNOLOGY TO RESHAPE HOW CUSTOMERS PLACE ORDERS

Burger King plans to expand Patty to 500 U.S. stores this year, with a nationwide rollout targeted by year’s end. (Justin Sullivan/Getty Images)

What this means to you

If you are a customer, you may notice friendlier greetings and fewer out-of-stock surprises. AI can help restaurants restock faster and fix broken machines sooner. That could mean shorter lines and more consistent menus. If you are an employee, the shift feels different. Every please and thank you becomes part of a data stream. Managers can track patterns instead of relying on occasional observations. For workers, that may increase accountability. It may also increase stress. For the industry, this signals a future where AI quietly runs in the background of nearly every transaction.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com

Kurt’s key takeaways

Technology keeps moving into spaces that once felt purely human. The drive-thru greeting used to be about personality and mood. Now it may be part of a data dashboard. Some will see that as progress. Others will see it as overreach.

If AI can measure kindness, should it? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Technology

Slay the Spire II is even better with a friend

Published

22 hours ago

March 10, 2026

Press Room

Slay the Spire II is even better with a friend

Slay the Spire II launched in early access last week, and it’s already an excellent sequel to one of the best roguelikes of all time. In many ways, it’s very similar to its predecessor. Like Hades II and Hollow Knight: Silksong, Slay the Spire II mostly iterates on an already superb foundation. But it does add online co-op with up to four players. While multiplayer changes the familiar rhythms of Slay the Spire just a bit, it’s still a great way to tackle the arduous climb up the spire.

A round of Slay the Spire II plays essentially the same as the original: In each run, you navigate three different acts across a winding map, slowly making a build by crafting your deck and picking up various perk-giving relics, and fighting enemies, elites, and bosses along the way. Slay the Spire II retains the deliberate, turn-based style of play, meaning that when it’s your turn, you have as much time as you want to decide what to do. Since you can see exactly what your enemies are planning for their next turn, there’s a lot of strategy in deciding how much damage to do and how much defense you might need to set up. Multiplayer adds a slight twist: When it’s your turn, everyone can play simultaneously. That opens up all sorts of new opportunities for planning, but it also requires communication to make sure everyone is using their cards effectively.

My multiplayer partner was my wife, the biggest Slay the Spire fan I know, and on our second run we got a thrilling victory. I played the new Necrobinder character, a necromancer, while she played as the returning Silent, which can make decks built around flurries of shivs. Over the course of the run, we accidentally settled into a strategy where I focused on applying the Vulnerable status to as many enemies as possible before my wife would rain down shivs upon our foes.

Slay the Spire II doesn’t encourage teamwork only in battles. At a campfire rest stop, you can choose to mend a friend’s health to help them out. (Some of the new enemies are tough, so I’m glad this is an option.) You each get a vote on which path to take next on the map. Everyone can draw on the map, too — as I learned many times after seeing the doodles my wife made when I would spend too long in the shop.

Since we had to communicate so much, our winning run took about an hour and a half, slower than how fast I could blast through runs in the first game. When we finally defeated the Act 3 boss, though, it was even more satisfying than most of my solo wins because we did it together. My one complaint is that co-op requires you to each play online on your own copy of the game, and that, because there’s no couch co-op, we each had to play on separate devices even though we were sitting on the couch right next to each other.

Those are annoying tradeoffs, but multiplayer is such a fun addition to Slay the Spire that I don’t mind. I can’t wait to try another multiplayer run and see what challenges — and doodles — are in store for me.