An urgent Android security alert has been issued due to a critical flaw that could allow hackers to bypass the lock screen on certain phones. Researchers discovered the vulnerability, which enables cybercriminals to access personal data and device contents within a minute by connecting a vulnerable phone to a laptop via USB.
The vulnerability, known as CVE-2026-20435, affects Android devices powered by MediaTek processors, commonly found in budget-friendly smartphones. Security experts warn that attackers can extract encryption keys before the system fully boots, circumventing security measures like full-disk encryption and lock screen protections.
Malwarebytes experts highlighted that one in four Android phones, particularly cheaper models, are vulnerable to this exploit. Users can check their phone’s processor information in the device settings and should promptly install any available security updates, as a fix has been released by MediaTek but needs to be distributed by device manufacturers.
It is crucial to keep devices up to date to mitigate the risk of this attack, which requires physical access to the phone. Users with older devices that no longer receive updates are advised to take extra precautions or consider upgrading to ensure cybersecurity.