It's been revealed that some Broadcom chips allow rogue Wi-Fi signals to execute code of attacker's choosing. Google has fixed this in the April security update but it can take a while before devices receive it and some devices won't get the update at all.
Last edited by a moderator: