Google: Protecting Android users from 0-Day attacks

This
Google blog entry looks at some zero-day Android exploits that were
detected and makes it clear what the stakes are.

We assess with high confidence that these exploits were packaged by
a single commercial surveillance company, Cytrox, and sold to
different government-backed actors who used them in at least the
three campaigns discussed below. Consistent with findings from
CitizenLab, we assess likely government-backed actors purchasing
these exploits are operating (at least) in Egypt, Armenia, Greece,
Madagascar, Côte d’Ivoire, Serbia, Spain and Indonesia.