UC Browser and UC Browser Mini Android apps exposed their users to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels. Zscaler ThreatLabZ researchers discovered the following three issues: Downloading an additional APK from an unknown third party in violation of Google Play policy. Dropping an APK on external storage without actually installing it. Dropping APKs on their users’ Android devices on their Android devices.
Source: https://www.bleepingcomputer.com/news/security/500-million-uc-browser-android-users-exposed-to-mitm-attacks-again/