A critical privilege-escalation vulnerability affecting Android devices has been found that allows attackers to hijack any app on an infected phone. The bug is dubbed the StrandHogg 2.0 vulnerability (CVE-2020-0096) by the Promon researchers who found it. Like the original, a malicious app installed on a device can hide behind legitimate apps. Google has issued a patch for Android versions 9 and 8, but users on earlier versions will remain at risk.
Source: https://threatpost.com/strandhogg-2-critical-bug-android-app-hijacking/156058/